urlscan.io logo urlscan.io
SecurityTrails logo

wheregoes.com Open in urlscan Pro
2606:4700:3035::ac43:b70e  Public Scan

Go To Rescan Add Verdict Report
URL: https://wheregoes.com/trace/20234290838/
Submission: On September 16 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 114 IPs in 8 countries across 97 domains to perform 346 HTTP transactions. The main IP is 2606:4700:3035::ac43:b70e, located in United States and belongs to CLOUDFLARENET, US. The main domain is wheregoes.com.
TLS certificate: Issued by GTS CA 1P5 on August 17th 2023. Valid for: 3 months.
This is the only time wheregoes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:e2:... 13335 (CLOUDFLAR...)
4 151.139.128.10 20446 (STACKPATH...)
9 2a00:1450:400... 15169 (GOOGLE)
1 167.172.55.208 14061 (DIGITALOC...)
9 216.52.2.91 32475 (SINGLEHOP...)
3 2602:803:c004... 26667 (RUBICONPR...)
5 9 37.252.171.85 29990 (ASN-APPNEX)
1 2a02:2638:d::a 44788 (ASN-CRITE...)
12 52.30.209.60 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
3 51.89.9.254 16276 (OVH)
1 185.255.84.150 200271 (IGUANE-)
17 2a02:2638:3::3 44788 (ASN-CRITE...)
1 18.66.97.109 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 52.18.182.246 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 162.19.138.118 16276 (OVH)
5 7 2a02:2638:3::c 44788 (ASN-CRITE...)
2 178.250.7.13 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 34.98.64.218 396982 (GOOGLE-CL...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
14 37.157.5.84 198622 (ADFORM)
2 2602:803:c003... 26667 (RUBICONPR...)
6 10 69.173.144.139 26667 (RUBICONPR...)
3 2.17.100.211 20940 (AKAMAI-ASN1)
1 1 3.126.137.99 16509 (AMAZON-02)
3 6 18.195.36.161 16509 (AMAZON-02)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
10 184.30.22.30 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
23 37.157.2.247 198622 (ADFORM)
1 178.250.1.6 44788 (ASN-CRITE...)
2 5 178.250.1.9 44788 (ASN-CRITE...)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
3 15 69.173.144.138 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 52.46.130.91 16509 (AMAZON-02)
10 13 142.250.186.130 15169 (GOOGLE)
2 4 67.220.228.201 16509 (AMAZON-02)
6 3.33.220.150 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
19 2a02:2638:d::13 44788 (ASN-CRITE...)
1 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 136.243.149.243 24940 (HETZNER-AS)
2 184.30.20.22 16625 (AKAMAI-AS)
2 3.77.133.205 16509 (AMAZON-02)
1 3 185.86.139.103 201081 (SMARTADSE...)
1 2 141.226.228.48 200478 (TABOOLA-AS)
1 2.16.97.41 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
6 3.75.62.37 16509 (AMAZON-02)
1 37.157.4.28 198622 (ADFORM)
1 185.255.84.152 200271 (IGUANE-)
2 8 104.18.26.193 13335 (CLOUDFLAR...)
1 3 52.210.204.82 16509 (AMAZON-02)
2 52.48.217.22 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 3.124.248.207 16509 (AMAZON-02)
2 4 64.202.112.31 22075 (AS-OUTBRAIN)
17 198.47.127.205 3257 (GTT-BACKB...)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 184.30.17.243 16625 (AKAMAI-AS)
1 34.255.244.27 16509 (AMAZON-02)
1 3.123.197.153 16509 (AMAZON-02)
1 5 138.201.135.164 24940 (HETZNER-AS)
2 4 216.52.2.39 32475 (SINGLEHOP...)
1 18.203.183.215 16509 (AMAZON-02)
1 18.223.127.73 16509 (AMAZON-02)
2 52.213.146.58 16509 (AMAZON-02)
5 6 52.48.219.162 16509 (AMAZON-02)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
2 2 52.206.108.195 14618 (AMAZON-AES)
3 3 52.44.35.59 14618 (AMAZON-AES)
1 192.132.33.69 18568 (BIDTELLECT)
2 2600:9000:21f... 16509 (AMAZON-02)
6 2600:1f18:1ac... 14618 (AMAZON-AES)
1 151.101.129.108 ()
1 13.32.99.30 ()
1 2 2.18.160.23 ()
2 54.229.198.137 ()
1 2 89.149.192.197 ()
2 2 23.56.202.187 ()
3 184.30.16.195 ()
1 2600:9000:223... ()
1 77.245.57.72 ()
1 3.229.235.214 ()
7 8 46.228.174.117 ()
5 5 2001:678:cb4:... ()
2 2 193.0.160.130 ()
1 69.166.1.35 ()
1 1 147.75.84.158 ()
1 1 34.203.47.197 ()
1 8.2.110.24 ()
1 2606:4700:20:... ()
2 3 198.47.127.19 ()
1 8.43.72.98 ()
1 12 52.210.15.1 ()
6 6 37.157.6.232 ()
1 8.18.47.7 ()
2 2 64.202.112.223 ()
1 1 69.192.160.219 ()
2 2 208.93.169.131 ()
3 4 151.101.2.49 ()
1 1 202.241.208.52 ()
1 80.77.87.166 ()
2 2 185.184.8.90 ()
1 2600:9000:211... ()
1 1 2620:116:800d... ()
1 1 85.114.159.93 ()
1 173.231.180.197 ()
1 1 82.145.213.8 ()
1 1 34.102.163.6 ()
1 35.186.193.173 ()
2 2 213.155.156.184 ()
1 195.5.165.20 ()
1 35.186.154.107 ()
1 2 2606:4700::68... ()
2 2 34.111.129.221 ()
1 34.111.131.239 ()
3 4 52.6.12.102 ()
1 35.204.74.118 ()
2 2 52.28.188.58 ()
2 98.98.134.242 ()
1 2a02:fa8:8806... ()
1 1 64.227.64.62 ()
1 35.244.174.68 ()
346 114
12    2606:4700:3035::ac43:b70e (United States)

ASN13335 (CLOUDFLARENET, US)
wheregoes.com
3    2606:4700:e2::ac40:8820 (United States)

ASN13335 (CLOUDFLARENET, US)
api.fouanalytics.com
4    151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net
cdn4.buysellads.net
9    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    167.172.55.208 (Slough, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-ldn-18.buysellads.com
srv.buysellads.com
9    216.52.2.91 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
vap1ams1.lijit.com
3    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
9    37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
12    52.30.209.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
3    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
17    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    18.66.97.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-109.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:3400:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    52.18.182.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
id5-sync.com
7    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
6    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
03dd251465dfbbde95fd5c2d6f4d386f.safeframe.googlesyndication.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
3    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
14    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    2602:803:c003:200::27 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
beacon-ams3.rubiconproject.com
10    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    2.17.100.211 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-211.deploy.static.akamaitechnologies.com
pxdrop.lijit.com
1    3.126.137.99 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-137-99.eu-central-1.compute.amazonaws.com
ghent-aws-fr.bidswitch.net
6    18.195.36.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-36-161.eu-central-1.compute.amazonaws.com
aws-fr-sync.bidswitch.net
x.bidswitch.net
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
10    184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
23    37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
5    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
widget.nl3.eu.criteo.com
dis.criteo.com
3    2a05:d018:d29:3601:ad5e:1111:f66a:1a0c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
15    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
13    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
4    67.220.228.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
6    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
19    2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
1    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    136.243.149.243 (Sindelfingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de
hal9000.redintelligence.net
2    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
2    3.77.133.205 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-77-133-205.eu-central-1.compute.amazonaws.com
match.sharethrough.com
3    185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
sync.taboola.com
1    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
6    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
8    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
3    52.210.204.82 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-204-82.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    52.48.217.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-217-22.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    3.124.248.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-248-207.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
4    64.202.112.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
17    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
image2.pubmatic.com
1    2600:1f18:612b:4264:68e0:e587:d65a:6262 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    34.255.244.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-244-27.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    3.123.197.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-197-153.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
5    138.201.135.164 (St. Ingbert, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.135.201.138.clients.your-server.de
hal900015.redintelligence.net
4    216.52.2.39 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
1    18.203.183.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-183-215.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    18.223.127.73 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-127-73.us-east-2.compute.amazonaws.com
s.thebrighttag.com
2    52.213.146.58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-146-58.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
6    52.48.219.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-219-162.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    52.206.108.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-108-195.compute-1.amazonaws.com
sync.ipredictive.com
3    52.44.35.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-35-59.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    192.132.33.69 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 69.bidtellect.com
bttrack.com
2    2600:9000:21f3:2e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
6    2600:1f18:1aca:4281:46cd:d9d2:4aa:c72b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dt.adsafeprotected.com
1    151.101.129.108 (None, )

ASN- ()
acdn.adnxs.com
1    13.32.99.30 (None, )

ASN- ()
public.servenobid.com
2    2.18.160.23 (None, )

ASN- ()
c21lg-d.media.net
hbx.media.net
2    54.229.198.137 (None, )

ASN- ()
g2.gumgum.com
rtb.gumgum.com
2    89.149.192.197 (None, )

ASN- ()
ssbsync.smartadserver.com
2    23.56.202.187 (None, )

ASN- ()
secure-assets.rubiconproject.com
3    184.30.16.195 (None, )

ASN- ()
ads.pubmatic.com
1    2600:9000:223f:4400:1f:4c18:bd40:93a1 (None, )

ASN- ()
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (None, )

ASN- ()
sync.adkernel.com
1    3.229.235.214 (None, )

ASN- ()
cs-server-s2s.yellowblue.io
8    46.228.174.117 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
5    2001:678:cb4:bbbb::11 (None, )

ASN- ()
ad.turn.com
2    193.0.160.130 (None, )

ASN- ()
p.rfihub.com
1    69.166.1.35 (None, )

ASN- ()
sync.go.sonobi.com
1    147.75.84.158 (None, )

ASN- ()
prebid.a-mo.net
1    34.203.47.197 (None, )

ASN- ()
ssp.disqus.com
1    8.2.110.24 (None, )

ASN- ()
sync.admanmedia.com
1    2606:4700:20::681a:bd1 (None, )

ASN- ()
ad4m.at
3    198.47.127.19 (None, )

ASN- ()
image6.pubmatic.com
1    8.43.72.98 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
12    52.210.15.1 (None, )

ASN- ()
usersync.gumgum.com
6    37.157.6.232 (None, )

ASN- ()
c1.adform.net
dmp.adform.net
1    8.18.47.7 (None, )

ASN- ()
match.deepintent.com
2    64.202.112.223 (None, )

ASN- ()
b1sync.zemanta.com
1    69.192.160.219 (None, )

ASN- ()
stags.bluekai.com
2    208.93.169.131 (None, )

ASN- ()
bh.contextweb.com
4    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    202.241.208.52 (None, )

ASN- ()
tg.socdm.com
1    80.77.87.166 (None, )

ASN- ()
cs.admanmedia.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    2600:9000:211e:5a00:1b:5138:8a40:93a1 (None, )

ASN- ()
s.ad.smaato.net
1    2620:116:800d:21:c5a4:625:6563:a5bb (None, )

ASN- ()
cms.quantserve.com
1    85.114.159.93 (None, )

ASN- ()
dsp.adfarm1.adition.com
1    173.231.180.197 (None, )

ASN- ()
cm.adgrx.com
1    82.145.213.8 (None, )

ASN- ()
t.adx.opera.com
1    34.102.163.6 (None, )

ASN- ()
ad.mrtnsvr.com
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
2    213.155.156.184 (None, )

ASN- ()
d5p.de17a.com
1    195.5.165.20 (None, )

ASN- ()
core.iprom.net
1    35.186.154.107 (None, )

ASN- ()
cm-supply-web.gammaplatform.com
2    2606:4700::6812:18ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
4    52.6.12.102 (None, )

ASN- ()
a.audrte.com
1    35.204.74.118 (None, )

ASN- ()
um.simpli.fi
2    52.28.188.58 (None, )

ASN- ()
rtb.mfadsrvr.com
2    98.98.134.242 (None, )

ASN- ()
pixel-sync.sitescout.com
1    2a02:fa8:8806:12::1400 (None, )

ASN- ()
pubmatic-match.dotomi.com
1    64.227.64.62 (None, )

ASN- ()
match.adsby.bidtheatre.com
1    35.244.174.68 (None, )

ASN- ()
id.rlcdn.com
Apex Domain
Subdomains		 Transfer
44 adform.net
track.adform.net — Cisco Umbrella Rank: 4312
s1.adform.net — Cisco Umbrella Rank: 10226
cm.adform.net — Cisco Umbrella Rank: 1283
c1.adform.net
dmp.adform.net
248 KB
43 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 544
beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 9735
token.rubiconproject.com — Cisco Umbrella Rank: 657
eus.rubiconproject.com — Cisco Umbrella Rank: 669
pixel.rubiconproject.com — Cisco Umbrella Rank: 402
secure-assets.rubiconproject.com
pixel-us-east.rubiconproject.com
66 KB
37 criteo.net
static.criteo.net — Cisco Umbrella Rank: 660
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9832
csm.eu.criteo.net — Cisco Umbrella Rank: 9485
790 KB
23 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 953
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
37 KB
22 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
176 KB
17 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 891
gum.criteo.com — Cisco Umbrella Rank: 450
mug.criteo.com — Cisco Umbrella Rank: 2385
ads.eu.criteo.com — Cisco Umbrella Rank: 9400
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10535
widget.nl3.eu.criteo.com — Cisco Umbrella Rank: 19371
dis.criteo.com — Cisco Umbrella Rank: 641
90 KB
16 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 728
pxdrop.lijit.com — Cisco Umbrella Rank: 3648
vap1ams1.lijit.com — Cisco Umbrella Rank: 56810
ce.lijit.com — Cisco Umbrella Rank: 1084
25 KB
14 gumgum.com
g2.gumgum.com
usersync.gumgum.com
rtb.gumgum.com
5 KB
13 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2535
public.servenobid.com
9 KB
12 wheregoes.com
wheregoes.com
159 KB
10 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 878
static.adsafeprotected.com — Cisco Umbrella Rank: 635
dt.adsafeprotected.com — Cisco Umbrella Rank: 570
101 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
03dd251465dfbbde95fd5c2d6f4d386f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 152
42 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 268
acdn.adnxs.com
secure.adnxs.com
24 KB
9 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 478
ups.analytics.yahoo.com — Cisco Umbrella Rank: 349
2 KB
8 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1861
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
5 KB
8 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 330
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1065
6 KB
7 bidswitch.net
ghent-aws-fr.bidswitch.net — Cisco Umbrella Rank: 11654
aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 26094
x.bidswitch.net — Cisco Umbrella Rank: 373
2 KB
6 1rx.io
sync.1rx.io
3 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 628
3 KB
6 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 37741
hal900015.redintelligence.net — Cisco Umbrella Rank: 307515
8 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 406
2 KB
5 turn.com
ad.turn.com
2 KB
5 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 767
ssbsync.smartadserver.com
2 KB
5 media.net
prebid.media.net — Cisco Umbrella Rank: 1455
contextual.media.net — Cisco Umbrella Rank: 719
c21lg-d.media.net
hbx.media.net
11 KB
4 audrte.com
a.audrte.com
3 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 879
1 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 248
29 KB
4 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1430
google-bidout-d.openx.net — Cisco Umbrella Rank: 1435
us-u.openx.net
960 B
4 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 22673
168 KB
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
921 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 888
2 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
3 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
171 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 946
bcp.crwdcntrl.net — Cisco Umbrella Rank: 963
sync.crwdcntrl.net
12 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 884
361 B
3 fouanalytics.com
api.fouanalytics.com — Cisco Umbrella Rank: 11819
7 KB
2 sitescout.com
pixel-sync.sitescout.com
374 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 de17a.com
d5p.de17a.com
562 B
2 creativecdn.com
creativecdn.com
701 B
2 contextweb.com
bh.contextweb.com
1 KB
2 zemanta.com
b1sync.zemanta.com
1 KB
2 admanmedia.com
sync.admanmedia.com
cs.admanmedia.com
209 B
2 rfihub.com
p.rfihub.com
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com
842 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1100
958 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 522
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 786
397 B
2 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1595
sync.taboola.com
276 B
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 613
69 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 887
id5-sync.com — Cisco Umbrella Rank: 427
31 KB
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4325
visitor.omnitagjs.com — Cisco Umbrella Rank: 966
2 KB
1 rlcdn.com
id.rlcdn.com
98 B
1 bidtheatre.com
match.adsby.bidtheatre.com
555 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 simpli.fi
um.simpli.fi
612 B
1 gammaplatform.com
cm-supply-web.gammaplatform.com
286 B
1 iprom.net
core.iprom.net
278 B
1 ctnsnet.com
ipac.ctnsnet.com
360 B
1 mrtnsvr.com
ad.mrtnsvr.com
308 B
1 opera.com
t.adx.opera.com
552 B
1 adgrx.com
cm.adgrx.com
282 B
1 adition.com
dsp.adfarm1.adition.com
524 B
1 quantserve.com
cms.quantserve.com
588 B
1 smaato.net
s.ad.smaato.net
244 B
1 socdm.com
tg.socdm.com
696 B
1 bluekai.com
stags.bluekai.com
774 B
1 deepintent.com
match.deepintent.com
44 B
1 ad4m.at
ad4m.at
1 disqus.com
ssp.disqus.com
275 B
1 a-mo.net
prebid.a-mo.net
156 B
1 sonobi.com
sync.go.sonobi.com
401 B
1 yellowblue.io
cs-server-s2s.yellowblue.io
370 B
1 adkernel.com
sync.adkernel.com
160 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com
526 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 1039
163 B
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2555
268 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 785
338 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2295
44 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2782
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4737
400 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 30092
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2982
398 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1362
884 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 3467
274 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 433
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2604
163 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 410
649 B
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 364
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1597
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1593
3 KB
1 buysellads.com
srv.buysellads.com — Cisco Umbrella Rank: 22403
721 B
0 loopme.me Failed
csync.loopme.me Failed
0 claudiepierlot.com Failed
pv.claudiepierlot.com Failed
346 97
Domain Requested by
23 s1.adform.net track.adform.net
ghent-aws-fr.bidswitch.net
s1.adform.net
wheregoes.com
19 imageproxy.eu.criteo.net ads.eu.criteo.com
17 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
cdn4.buysellads.net
15 pixel.rubiconproject.com 3 redirects wheregoes.com
ads.eu.criteo.com
eus.rubiconproject.com
14 track.adform.net cdn4.buysellads.net
wheregoes.com
s1.adform.net
hal900015.redintelligence.net
13 cm.g.doubleclick.net 10 redirects wheregoes.com
g2.gumgum.com
12 usersync.gumgum.com 1 redirects g2.gumgum.com
12 ads.servenobid.com cdn4.buysellads.net
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
ads.pubmatic.com
12 wheregoes.com wheregoes.com
10 simage2.pubmatic.com ads.eu.criteo.com
ads.pubmatic.com
10 eus.rubiconproject.com cdn4.buysellads.net
eus.rubiconproject.com
wheregoes.com
public.servenobid.com
g2.gumgum.com
10 token.rubiconproject.com 6 redirects cdn4.buysellads.net
wheregoes.com
eus.rubiconproject.com
9 securepubads.g.doubleclick.net cdn4.buysellads.net
securepubads.g.doubleclick.net
wheregoes.com
www.googletagservices.com
7 image2.pubmatic.com ads.pubmatic.com
7 gum.criteo.com 5 redirects static.criteo.net
7 ib.adnxs.com 3 redirects cdn4.buysellads.net
ads.eu.criteo.com
acdn.adnxs.com
6 sync.1rx.io 6 redirects
6 dt.adsafeprotected.com
6 match.prod.bidr.io 5 redirects wheregoes.com
6 ups.analytics.yahoo.com ads.eu.criteo.com
wheregoes.com
public.servenobid.com
ads.pubmatic.com
6 match.adsrvr.org wheregoes.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
ads.pubmatic.com
eus.rubiconproject.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 ap.lijit.com cdn4.buysellads.net
wheregoes.com
public.servenobid.com
5 c1.adform.net 5 redirects
5 ad.turn.com 5 redirects
5 hal900015.redintelligence.net 1 redirects wheregoes.com
hal900015.redintelligence.net
5 x.bidswitch.net 3 redirects ads.eu.criteo.com
g2.gumgum.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 ce.lijit.com 2 redirects ap.lijit.com
4 sync.outbrain.com 2 redirects ads.eu.criteo.com
g2.gumgum.com
4 dis.criteo.com 2 redirects ads.eu.criteo.com
4 cdnjs.cloudflare.com ads.eu.criteo.com
s1.adform.net
4 aax-eu.amazon-adsystem.com 2 redirects wheregoes.com
ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects wheregoes.com
ssum-sec.casalemedia.com
4 cdn4.buysellads.net wheregoes.com
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
3 sync.srv.stackadapt.com 3 redirects
3 dpm.demdex.net 1 redirects ads.eu.criteo.com
ssum-sec.casalemedia.com
3 rtb-csync.smartadserver.com 1 redirects ads.eu.criteo.com
ssbsync.smartadserver.com
3 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
3 vap1ams1.lijit.com cdn4.buysellads.net
wheregoes.com
3 pxdrop.lijit.com cdn4.buysellads.net
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 www.googletagservices.com securepubads.g.doubleclick.net
3 onetag-sys.com cdn4.buysellads.net
public.servenobid.com
3 fastlane.rubiconproject.com cdn4.buysellads.net
3 api.fouanalytics.com wheregoes.com
api.fouanalytics.com
2 pixel-sync.sitescout.com ads.pubmatic.com
eus.rubiconproject.com
2 rtb.mfadsrvr.com 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 d5p.de17a.com 2 redirects
2 creativecdn.com 2 redirects
2 bh.contextweb.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 secure.adnxs.com 2 redirects
2 p.rfihub.com 2 redirects
2 sync.targeting.unrulymedia.com 1 redirects ssbsync.smartadserver.com
2 secure-assets.rubiconproject.com 2 redirects
2 ssum-sec.casalemedia.com public.servenobid.com
ssum-sec.casalemedia.com
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 static.adsafeprotected.com pixel.adsafeprotected.com
wheregoes.com
2 sync.ipredictive.com 2 redirects
2 pixel.tapad.com 1 redirects wheregoes.com
2 pixel.adsafeprotected.com wheregoes.com
2 ad.360yield.com ads.eu.criteo.com
g2.gumgum.com
2 r.casalemedia.com 1 redirects ads.eu.criteo.com
2 match.sharethrough.com ads.eu.criteo.com
public.servenobid.com
2 contextual.media.net ads.eu.criteo.com
cdn4.buysellads.net
2 beacon-ams3.rubiconproject.com cdn4.buysellads.net
wheregoes.com
2 mug.criteo.com
2 oajs.openx.net 1 redirects wheregoes.com
1 id.rlcdn.com eus.rubiconproject.com
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm-supply-web.gammaplatform.com ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 ad.mrtnsvr.com 1 redirects
1 t.adx.opera.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 cms.quantserve.com 1 redirects
1 s.ad.smaato.net ssbsync.smartadserver.com
1 cs.admanmedia.com g2.gumgum.com
1 tg.socdm.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 us-u.openx.net 1 redirects
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 sync.taboola.com 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 sync.admanmedia.com public.servenobid.com
1 hbx.media.net 1 redirects
1 ssp.disqus.com 1 redirects
1 prebid.a-mo.net 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 c21lg-d.media.net contextual.media.net
1 public.servenobid.com cdn4.buysellads.net
1 acdn.adnxs.com cdn4.buysellads.net
1 bttrack.com wheregoes.com
1 s.thebrighttag.com ads.eu.criteo.com
1 beacon.krxd.net ads.eu.criteo.com
1 e1.emxdgt.com ads.eu.criteo.com
1 sync-criteo.ads.yieldmo.com ads.eu.criteo.com
1 ad.yieldlab.net ads.eu.criteo.com
1 a.twiago.com ads.eu.criteo.com
1 criteo-partners.tremorhub.com ads.eu.criteo.com
1 exchange.mediavine.com ads.eu.criteo.com
1 matching.ivitrack.com ads.eu.criteo.com
1 visitor.omnitagjs.com ads.eu.criteo.com
1 cm.adform.net ads.eu.criteo.com
1 eb2.3lift.com ads.eu.criteo.com
1 criteo-sync.teads.tv ads.eu.criteo.com
1 sync-t1.taboola.com ads.eu.criteo.com
1 hal9000.redintelligence.net wheregoes.com
1 csm.eu.criteo.net ads.eu.criteo.com
1 px.ads.linkedin.com wheregoes.com
1 widget.nl3.eu.criteo.com ads.eu.criteo.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 www.google.com tpc.googlesyndication.com
1 ads.eu.criteo.com cdn4.buysellads.net
1 aws-fr-sync.bidswitch.net cdn4.buysellads.net
1 ghent-aws-fr.bidswitch.net 1 redirects
1 google-bidout-d.openx.net oa.openxcdn.net
1 03dd251465dfbbde95fd5c2d6f4d386f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 hb-api.omnitagjs.com cdn4.buysellads.net
1 prebid.media.net cdn4.buysellads.net
1 bidder.criteo.com cdn4.buysellads.net
1 srv.buysellads.com cdn4.buysellads.net
0 csync.loopme.me Failed ads.pubmatic.com
0 pv.claudiepierlot.com Failed ads.eu.criteo.com
346 152

This site contains links to these domains. Also see Links.

Domain
twitter.com
Subject Issuer Validity Valid
wheregoes.com
GTS CA 1P5		 2023-08-17 -
2023-11-15		 3 months crt.sh
fouanalytics.com
E1		 2023-09-09 -
2023-12-08		 3 months crt.sh
cdn4.buysellads.net
R3		 2023-07-21 -
2023-10-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.buysellads.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-25 -
2024-06-24		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-08-31 -
2023-11-29		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-07-27 -
2023-10-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
cert2-prod.aut.a24365.net
R3		 2023-08-28 -
2023-11-26		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-27 -
2023-10-22		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-08 -
2023-11-08		 3 months crt.sh
redintelligence.net
R3		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
teads.tv
R3		 2023-09-13 -
2023-12-12		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
itm.ivitrack.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-15		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
*.match.prod.bidr.io
Amazon RSA 2048 M02		 2023-02-09 -
2024-01-26		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-04 -
2024-04-21		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02		 2023-05-09 -
2024-06-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M03		 2023-09-04 -
2024-10-02		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.gammaplatform.com
Go Daddy Secure Certificate Authority - G2		 2023-06-19 -
2024-07-20		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-08-15 -
2024-09-15		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh

This page contains 63 frames:

Primary Page: https://wheregoes.com/trace/20234290838/
Frame ID: 95F79769E984A4BDF67C9BD8C84ABD69
Requests: 53 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=wheregoes.com
Frame ID: B2D84BED0D828804C225C6E041899737
Requests: 2 HTTP requests in this frame

Frame: https://03dd251465dfbbde95fd5c2d6f4d386f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C348AABECEC0CFB3CCB72B7CB0EC0B7B
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 9472E874B415B7F59F2CE4331C4B7B5B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyqbBsxNTF3mDRgC-cEE_LyoAABxW6ZWYYH0OMVgqIf-1BvVSoSXRcd_S3ZUockNHY5gVqubUZBjj0v4XA9t9f_cCnGZcyn4y4GxWg513vfEKzagC3b7LNkP-tzND0TP9Tmvig_PDMVKQHEBNIxHklhbju2GZ2NQPXSjIPk9rY5we5O6e_fovRRDYzULgfCoZaFRSEg90udxfQZ5R5SkH_lYnf0x_479e-JoaUGmOs-TM2oD0UnqTGWa2Q8Cf9Fd06V9krpdLSpHNdI7FdGyqh5t5Mu96B4JYUTSKE5UWnKYj_BP_xIAhBqLri1S2ulyB57_wkHUe6RsBvxASdIKjFPV-TyAj1SZoB&sai=AMfl-YRe7y6yfzRZ49jhw7HwvLGAWjF8wWUvmj5CKqVVNXCszBoUSubbLEvpOqRT9qec8MP50vaq7-HjNxuzmHcMrMr3dznmHyJT5YkRluP7TXdT4upbN1JuJlMK-uvEsO72w-ifPXgekPWZ1m-KwNs&sig=Cg0ArKJSzP-CrO0qx8qyEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 740CF50B9E1A1F416C20FE793464B570
Requests: 22 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmq7AFlf69eYzNq_LT2h95My-EXdzbgDv1IcNMuoq3dVNiD24XFU-fkbQ2WvWdhRr8j7_3H17NfJHsYFrqRapFNMJok5uposBLPJjxSoEmWtCn0onM6sXY59YXFV-0EkClMdJ6g_GY8CQNhUFU3fhgsA3X4_jFsVxQOmIQ9xK6gmv6zs37WPsH2euYjDgdsTG2kJhAfusfTWkd1M8_A-NTGwdjpVCz7RNs-kNcPAiRRypquyD7vxilWwS4GkNQWP4XH9XVwIqfH3VK_qfT2RAzM0mUvKuBuZxpRD3jVdKMN6nkOz_YnXeQ6XYjdE52MgdOuFn7D3wr37Gfb8LnXhselP8ZCRah&sai=AMfl-YQM17zvRK6MBT4tU4MxhvQsIcO0WVrDHDq1-AH1KjszMKpJEV1oXUDg9U8sHdytlZy3ZcYFNQe7qDzye466gAg9a87dL9WTYHQEtuSJ1cAnPZIX5sdj5Vtda1XeyoweUJlvGvJ-Q0w4EElYXjk&sig=Cg0ArKJSzDwmYmFDKtHhEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 37582FE896D0198A9FEA87835D8EC700
Requests: 18 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsta2NOL-J40x0l9GaIuk3hkNHIkwpM8Xlt2NCb2ICY-TOAoSHThoW5gz9VjV63qZPfkMmG2nWr5Bc4DN44WhSm412ji2BUGuh5FLntpnSbzITpnO_fWpCkjR7Fu_4l4ybk7RfrVPq_p5oqnlbbR_O4iL_Prprck-h0xYJqAKvo9N1U6GxzO6A76mY0u46W47eZfgSLqaC2w0xrYqXnHKU7tuMHY7LsqvBro3YKpgtIX0-ZLGHghl67OMTntFhALc3ge9wesRiXG0xlM9jN-j1_1NDAVr9wEXpIxWFQHNxaVPIOXRqmeqnXzwpQdbxXyn1wUsHrwK5pSbPgSKGpwgVkkxxJxBkQiii_T0waVZg&sai=AMfl-YSFv3qBNwrs03dnH5zWt1JpTXO1DWmQWmiX_NoRoqYfS-Uz1UnQNo5w5u9g_dHYrPWExoc4i4MTthDHmqlsxoJS0YMcHs5oA-zebo8pUhMe1R8kOFh8QmyoHzXiBbBljv52kK_sMF4xOg_onIY&sig=Cg0ArKJSzKA5r23bILqTEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DDE2854018C514FDA3280E17F727276E
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Frame ID: BEA8768DE95356DF9916B54E59CA9B28
Requests: 38 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 88785D7264D003D96125A21488451078
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8DB96C1FA487952D9520A8A161D13254
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A559AC878DB8B5404173C74FB58ADCAD
Requests: 2 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=7944&cb=65052d1c90db292b7428c5b28887382b&r=https%3a%2f%2fwheregoes.com%2f&crossorigin=false
Frame ID: BC7EFACC300E814B74C5BB5BACC56D85
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-__E0W8wBT8GBbnf3cbtUS0duKSw8EcGwZuQW2A&google_gid=CAESEL72H-fj5gb4FCqy-U_tf2M&google_cver=1&google_ula=913071,0
Frame ID: E44450623BF76C0427540770F870CBE7
Requests: 29 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=8128488&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: 8393FD37267B2FF785E5D0CF37AADFE3
Requests: 1 HTTP requests in this frame

Frame: https://hal900015.redintelligence.net/request_content.php?s=40256400009887409150649012449015&a=cc09cc0f
Frame ID: A0CD4183078A744C4B793A04461760BC
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 0021D90C17160342D4B090193AAC4913
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F92752A90A7B8D737F31AE328E22C8CB
Requests: 1 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/13350674/13350674.js?ADFassetID=13350674&bv=258
Frame ID: 19A2AEF3D69E096D79FF6FA74F0F6CA3
Requests: 19 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon?informer=8128488&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Frame ID: 8B110F9AF8BCBE33F5C584D44095865F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wheregoes.com
Frame ID: 3B1B0C6048BA1EB42A5BFF922EF0DD3E
Requests: 2 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=8128488
Frame ID: AC8CE43433124FEAEDBFABDABB1934FD
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1694838044203
Frame ID: E698B26D72A216FC4241F24FF0BE19D1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 147B604EAC46119FDEBEF1273B6CA50A
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 37F04A6A2A0FB2F91326A114DF738399
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: B806F38B302E6E56518075F4AF2DEB8D
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 54AFD91053DDC8759F45D47F250F8859
Requests: 3 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 308B39F639D20CA4CC737AE60EF57B38
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: A211A1B9FADEE5587E867C33DB7C7266
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 94241B8A3912B92E4C2C416B6FAC9124
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 483E1615E027653622FEED08280574A6
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: A281757FA3CAA5F7A4823D5DB83ED235
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: D3A5ED9CCBDFABE6777C5039C69F51A5
Requests: 18 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 3550B6497114A7E1BA58E2FCCD29C370
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 182748FD3DE6036D86824BFE7DAD92CE
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 0CF2137152C1B659815CCD9571D94C60
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=3757237494770433060&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
Frame ID: 9F8D7775B24F88802977D7B26426E19D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZQUtHwAQoCl7pAAN&gdpr=0&gdpr_consent=&_test=ZQUtHwAQoCl7pAAN
Frame ID: 1C37D861BD082D9E2473AC4330E62D43
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hMTAwZTdhZC04ZmJlLTRlZjctYmJmYS01NTQ4NDIwMGI4MTY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 48877444543BFCCB42D87424FE48564E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 727EF531EC850A0B5D94AA4ABD4C394B
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 04147AF6BD9FF4C315D1BF328565F37B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZQUtIMCo5tIAAE81UBQAAAAA
Frame ID: D7E3C325654D08C82D268E762B016680
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_a100e7ad-8fbe-4ef7-bbfa-55484200b816&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 0FEF738B8226A45023163C115597E7B2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=RmrSYzCVMfTBJ0lGOHUq&pi=gumgum&tc=1
Frame ID: B1D2E4AD9B351FCE3F6648D30C9D5C48
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 2E202A9D1C382E151BC3AC74BD07FEC1
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: E1E3773F7771464B11AA0F5AAB4C7ACA
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7F931A00-F6CC-4838-8D36-CF34C7AC9665&redir=true&gdpr=0&gdpr_consent=
Frame ID: A7E1B4A0F2BD1ECF1E8C8DC4EA92B347
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uUNl3L0SZI-iEmLRuUd427lCMd2iFDDQvkcPH73g
Frame ID: 11ECBDC6FA6AF26C519342A3723E027E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4380659188768351338&gdpr=0&gdpr_consent=
Frame ID: 805A1971A03FD597C4E824DE8A17E511
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7279273983894681742&gdpr=0&gdpr_consent=
Frame ID: C8C756E025883745A569603F27D68853
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HdJPhCxZWpBi3zdayk0nmdly2hQ&gdpr=0&gdpr_consent=
Frame ID: 586965303C0F0630B9A242472A81938D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 1FA28E150E492B8315768A626057BD11
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC0tE7KCloAACX2BoW3sw&gdpr=0&gdpr_consent=
Frame ID: 3EA36954E7F6E44F4B2180362B8C382F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZQUtHwAQuzaslgAb
Frame ID: 62FF6B24EA9053F7EA99A79F034A6E1D
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: 63BF5BC95FA983A4CF5A8E0158634FA3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbb949607ced042f3a72ea0c550381a2b
Frame ID: E1BDC79D34FE84A9C4C642F4C3C65078
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7F931A00-F6CC-4838-8D36-CF34C7AC9665&gdpr=0&gdpr_consent=
Frame ID: 5A57CFCB0449D0F6F4FE09346ED1F358
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 19388FBB3C98544F2EFDD5A3F61AEB5D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7887662680556711373
Frame ID: 687AC7D8015C80EF3DA81F3A0AE3A9AA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829925329579
Frame ID: 26F8FDF120522248CDB11D525DBD9520
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 3AFC55120DF7011322E138E6E61B78CB
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: FD04D3297C3236FE8B956549BBA6C71B
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 0B10472509B7196509464434446ABC5B
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=7F931A00-F6CC-4838-8D36-CF34C7AC9665
Frame ID: 3EAB5BE71309D012A55384084A80940C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Trace Results | WhereGoes

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <form [^>]*id="mc-embedded-subscribe-form"
  • <form [^>]*name="mc-embedded-subscribe-form"
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

346
Requests

82 %
HTTPS

24 %
IPv6

97
Domains

152
Subdomains

114
IPs

8
Countries

2247 kB
Transfer

4998 kB
Size

53
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&rid=esp&cc=1
Request Chain 40
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=wheregoes.com&sn=ChromeSyncframe&so=0&topUrl=wheregoes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=eUlCIHxoVCtVaDV4UDB3d2M4SlJRckRzSEdHa0FBaFlLUEFiYkFYQzFJU2xzQi9xaHVBRWFlU3ZseXJiejMwZnI1TytsODZVaGQ5YkMzQk9TdEs0ZjRnQmNDRlBSclRVNzhib0NtK0J4Yzc3alJuT2d0dDJOZ3RWQ3p0LzRFblBSZ2d6aWxtZWUzeE1MbmRKVVZ6UzVjTXVHQzkweFVYV2RHZWlZYWJHK1djUVU2YjNxTE54UUZrcmtOM1pxK0dhaVB2ZGhGWG1SUzlZcGRRQjJvWG1YOFJNbmJMQVduN3lncGdKbXI0K00yN0NpTWU0c2hkeCtEQ1dVdlpwUW1IS2FGeG9RUGVyUFVuMFB0ME9vVDBvTVRwZ1I1dz09fA&cppv=2
Request Chain 61
  • https://ghent-aws-fr.bidswitch.net/imp/0.0523/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R63477641_Qrtbwp_R_I_WAUCTION__PRICE_X-EJ__IZKIAq55oUbYqKknhMla6-2Mw39S00_Qrtbdata_R0L1ZDbaSoQedTd0GZbZXOPsSqURZ8OZSjomTqSl4TT2ttMP3jKOsfmmTFnbExOITjrvt3__gbA9__NotpUPY8BrnNn__FiDNQAKI8Yu0fipInmDa04QQ__an43LOVWHVpGky2r6JLcaX__2Abz9RJntpJYx345yz3__Yw3FQLMVb2a6WhoRbD3iOdkLt6ZLIIHSytiE5zcbUUxXPuyUBkNx2AAzA2_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/8k6ikb5a1e7pVXOhmLyrCr6DK80urWpNU_AoOIvSB3tNSHfyWImd_gagBvQdFfPIPVQpS_B3Ydo9Ttfv_P3phEdwlRFQAu2PRBh84VLngtYznNImF5FDrYiNliYArGvfaut3NoQ4wfvTnP_-ijBnX-vGf4ypsGtRmNOgQlaxu_uFNptbKBrqya0q6GicCzUF4eFdwsffSFquJHd8Pyl_mLRNKW712UCutr4Fx5rtHazrUpd5S98_cEDOzJm4yyM5kOKnE_YjWNQbL8m_anxJen7AS4IA3CAvnO4aJzp8BmwrP47_5MToX98eMSm5wtVyAw6ncZpB4J24WBK3BD8LXdgBGc69gk7ynKeAa48FTTu4DH3-HksfmbDchTyAMG9d1VNNhu4We3EEJ99Ha3yJ7N8EjUO_g-4-cZAjMIDQ4-Nltb3BZYFWvdae-7ZmRzTu380H8IvXSH67Wx08oIR767n8v8FtBZ36XUgWGPH0aNbgjThoZu-aQDYQ0CkCaqd_FD5uu8JDwJCWpNmBS9AtaAZKpLNJ7lsfqtayB0QKAICq_Pxkhku7-3IGYk03OG_bOImFz1KfeIdrQjbPf6YwkCMlIk665BJTFqqC1_Cn95kBRD8kTg8quCjj1P1hrgr1q13kGTfXBGRTWHELtOopEeA6bNcFmuCULZrA-_a9OVkFcmcp1pTQE2rU9x8hviCFD3gI4M1b2vb2drzoTEoqgW5_Ip55PqTaoUhagZ7ZimhZuof_8lrqfnT7pzASVB6yiNU0EnKspzp73Y-Gc5sVvQdUaknD4Ajt-6T3I844_Fljj5okVYMtOPxFdmhbmdp8tfevZnsx3FQ19fVm8GHtaK6AK3hv0RoZU5BWozuHBsmyf3shNZgYmfL27GgfZ1mVWPIyaRdoL0MhNY11JBWsVKR4QIa_1Aeg0lMKWs3If7yiNQwMAhM7t53nbErV3lNTzlqIXu5-dbUf8zK9aTJLkI7bXRWiziKpTnyloBe0aSKCYdTNiuvHaovSxh5vMwiSpThVGoIzL4hKOGQCtJHKbeYVKR5oKqfjmt6uTyJ0bN60cq9_HpWHTWFQwX9YzlJFEvUiQuRDlKWtvqiiDjbfq2tGTSYhuy-w3ym0_NW9B-s/ HTTP 302
  • https://track.adform.net/adfscript/?bn=63477641;rtbwp=0.0523-EJ_IZKIAq55oUbYqKknhMla6-2Mw39S00;rtbdata=0L1ZDbaSoQedTd0GZbZXOPsSqURZ8OZSjomTqSl4TT2ttMP3jKOsfmmTFnbExOITjrvt3_gbA9_NotpUPY8BrnNn_FiDNQAKI8Yu0fipInmDa04QQ_an43LOVWHVpGky2r6JLcaX_2Abz9RJntpJYx345yz3_Yw3FQLMVb2a6WhoRbD3iOdkLt6ZLIIHSytiE5zcbUUxXPuyUBkNx2AAzA2;;OOBClickTrack=
Request Chain 86
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/_MhlG4gBbVdSWkWSWy3kMg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NVrvP1hE2oKDbLAnOVjqQ5XeNtpED7SMiiVnZg--~A
Request Chain 87
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMLIT8GW-5-92YU
Request Chain 88
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tQLl-BE7TQGfU9UGwCe7YQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tQLl-BE7TQGfU9UGwCe7YQ
Request Chain 89
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGFjMDEwYWNiZDIxMGEwZGZiMjcyODczMGVmOGE3ZGVmMjI1MGZmNg
Request Chain 90
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1MSVQ4R1ctNS05MllV HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBIKsDvh_PFQgcyCFdurcqE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1MSVQ4R1ctNS05MllV&google_push=
Request Chain 91
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LsJkssswS_aR_ewUiPAE2g&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LsJkssswS_aR_ewUiPAE2g
Request Chain 92
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP5BVqawU3RKpnHaQU9veYs&google_cver=1
Request Chain 124
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-__E0W8wBT8GBbnf3cbtUS0duKSw8EcGwZuQW2A&google_cm&google_hm=ay1fX0UwVzh3QlQ4R0JibmYzY2J0VVMwZHVLU3c4RWNHd1p1UVcyQQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-__E0W8wBT8GBbnf3cbtUS0duKSw8EcGwZuQW2A&google_gid=CAESEL72H-fj5gb4FCqy-U_tf2M&google_cver=1&google_ula=913071,0
Request Chain 126
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4380659188768351338
Request Chain 137
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XBSde8wBT8GBbnf3cbtUS0duKSxfT6EVefHD2A HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XBSde8wBT8GBbnf3cbtUS0duKSxfT6EVefHD2A&C=1
Request Chain 138
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=XGqErJ6zzKZ0mSzXQJeF8-lpV5-s2K85 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=XGqErJ6zzKZ0mSzXQJeF8-lpV5-s2K85
Request Chain 160
  • https://hal900015.redintelligence.net/request.php?zone=hqlt4swdcmtw&nw=20&renderingType=javascript&namespace=8cc8bc81bf&subid=&uid=69b5624a10a88d6c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=SSP%3AMagnite%20DV%2B%20Platform&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67239551%3Bcrtbwp%3DA3B4F555EEFA3632%3Bcrtbdata%3DkfkPQ_6tnM8XaMHxV2IFya-kHeLxSZqDLRSS-n0iNrW6Bn5Akp7xHTnIJIZjWBb2zdrzuO6I_lfDyeH4Lk7SGQJuNVU9xy4KDR_xlNuELWr_ybo1XlsabHuaXvd1Z5D8ikSyMY6XAlx9JGJvq8YnagNq94qtAs_uALqA4p0WcUclFTGzWmKMpo92d3By-GLz7TZYM-w18blWeC4aXvnX4hi1M2vhVm_PTRcTXNXaf9kexR5bUXfDEd_8XFAedtKw0khXRwdaSoE522vNtB8Sk8N-eG7y1UnI4UFuhV40q881%3Badfibeg%3D0%3Bcdata%3DvuLkJzT0l1OAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNV_ChdBvdDDJR83CZxtsPGiReIeMtFnicxZMkZo0lvpOROIa3grt1px9JGJvq8YnaibmXHPd0oZev5TdLk1z5oEbV946MqZx1YXDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTV-xGKFmUIVFYfa1hzU9rD0Pv8hP3tCzhnZzNUp5PILAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwheregoes.com%252ftrace%252f20234290838%252f%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&ancestorOrigins=https%3A%2F%2Fwheregoes.com&random=1310973791603&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900015.redintelligence.net/request.php?zone=hqlt4swdcmtw&nw=20&renderingType=javascript&namespace=8cc8bc81bf&subid=&uid=69b5624a10a88d6c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=SSP%3AMagnite%20DV%2B%20Platform&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67239551%3Bcrtbwp%3DA3B4F555EEFA3632%3Bcrtbdata%3DkfkPQ_6tnM8XaMHxV2IFya-kHeLxSZqDLRSS-n0iNrW6Bn5Akp7xHTnIJIZjWBb2zdrzuO6I_lfDyeH4Lk7SGQJuNVU9xy4KDR_xlNuELWr_ybo1XlsabHuaXvd1Z5D8ikSyMY6XAlx9JGJvq8YnagNq94qtAs_uALqA4p0WcUclFTGzWmKMpo92d3By-GLz7TZYM-w18blWeC4aXvnX4hi1M2vhVm_PTRcTXNXaf9kexR5bUXfDEd_8XFAedtKw0khXRwdaSoE522vNtB8Sk8N-eG7y1UnI4UFuhV40q881%3Badfibeg%3D0%3Bcdata%3DvuLkJzT0l1OAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNV_ChdBvdDDJR83CZxtsPGiReIeMtFnicxZMkZo0lvpOROIa3grt1px9JGJvq8YnaibmXHPd0oZev5TdLk1z5oEbV946MqZx1YXDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTV-xGKFmUIVFYfa1hzU9rD0Pv8hP3tCzhnZzNUp5PILAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwheregoes.com%252ftrace%252f20234290838%252f%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&ancestorOrigins=https%3A%2F%2Fwheregoes.com&random=1310973791603&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 168
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=5l0NaF4BSImZJ4dUN399lwrc4Knm4eU_
Request Chain 170
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ZSaAERTo4gBrpCI9FYpAoaUhgSemuH16
Request Chain 183
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LMLIT8GW-5-92YU&redir=true
Request Chain 184
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LMLIT8GW-5-92YU HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LMLIT8GW-5-92YU
Request Chain 186
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4bd2efee-924f-4a80-8826-c23103e701ea&expires=30
Request Chain 188
  • https://sync.srv.stackadapt.com/sync?nid=14 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=HdJPhCxZWpBi3zdayk0nmdly2hQ
Request Chain 223
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=wheregoes.com&sn=ChromeSyncframe&so=3&topUrl=wheregoes.com&bundle=zCm86V9JRkNNbXBPZHNyZ0NURFR6a2l0V0RBOFJScUdRSFo1TERVeUtjVnFJcnNqOTRaMDZ0YmJ2dzk3Q0s4RE05SzJFbUM1b05wYmpKWmFyNmNTN2hjT1p6Qm53SkJDd2phU0Y3JTJCMHc3WVdyJTJCUndmOG9YbFYxYm5zVWdsYmZVdWhWSVhjVU9UQjRDZkxJNTdOVmRBSzNkcHdnJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=2iVod3xhcjcvR1pNbE8zZ3BYZjNCaVM1RlVPTStZRVZDTFZwTnZWYTdpN0tLNnR5Y3VCdjdzQ1dCNUVwakNRcUtyRi83am92TUxkVmxVNlR0Tnh1b1hUTkhCR2o4eloraWxPRDRtaVREeXJLd21TTXhCQnRTVkRhbGMrNW5VYVJudzh0M0RBRVJjTnd3RUp5NXB2UHZNR2RrRzdvdU4rNkNlWUFIQisrZnVUVzgxM2V4WE1iT092MUJXZUhJRTRFaFZjT1ArSmxZa3hTemRyamM2bDdmZDRFRW1yd2Y0Rk9YMklHak1UVDRIT2JSMWd5eXlpRHc2bUxCRGVqaTEwUFZNbS9lYjN3ZHVWekZ5WGFpVzRlalh5bW9HRXRST1lwZlB0QkRpNlpzeUFTYUNyZz18&cppv=2
Request Chain 246
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 251
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=4380659188768351338
Request Chain 252
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HVDEvRZHKi5YOkHgTiyHySZc
Request Chain 254
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1694838047713 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4762385104 HTTP 302
  • https://sync.1rx.io/usersync/turn/8205491501728770872?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1fc54ac0-b2b2-49d5-ae7b-d58cb1056800-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1fc54ac0-b2b2-49d5-ae7b-d58cb1056800-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-1fc54ac0-b2b2-49d5-ae7b-d58cb1056800-003
Request Chain 255
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5107433829925329579
Request Chain 257
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 259
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-103ed757-1865-324c-ba1b-fcb6e49f73c1
Request Chain 262
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQUtHerse6DcEux39_KyMgAABLAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEXzRPLahv6pWThQv5HUZs4&google_cver=1
Request Chain 267
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZQUtHerse6DcEux39-KyMgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED8op5utjtVpOK6-CKa6gA0&google_cver=1
Request Chain 271
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZQUtHerse6DcEux39-KyMgAA%261200&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=21d6f16d-d58b-4721-83c2-5423f3ca511d-tuctbfeb29f
Request Chain 272
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8205491501728770872
Request Chain 277
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4380659188768351338
Request Chain 278
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a100e7ad-8fbe-4ef7-bbfa-55484200b816&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3757237494770433060&ssp=gumgum2
Request Chain 279
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%286EQG8C8Glv7ePbhxQlclpj9qcpljsbRwoaVvJchMVGnQu4aHvkjo7o4pLg4YY94s%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%286EQG8C8Glv7ePbhxQlclpj9qcpljsbRwoaVvJchMVGnQu4aHvkjo7o4pLg4YY94s%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_a100e7ad-8fbe-4ef7-bbfa-55484200b816&obuid=ENC(6EQG8C8Glv7ePbhxQlclpj9qcpljsbRwoaVvJchMVGnQu4aHvkjo7o4pLg4YY94s)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Request Chain 280
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=9fd207e2-07c2-4c7f-8a69-b7f6b37c8889
Request Chain 281
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1dd24f84-2c59-5a90-62df-375aca4d2799$ip$217.114.218.20
Request Chain 282
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-VWtNvixE2pch_EFFAov88n5RSSywWq7yZ7yY~A
Request Chain 283
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=4bd2efee-924f-4a80-8826-c23103e701ea
Request Chain 285
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a100e7ad-8fbe-4ef7-bbfa-55484200b816&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=7HPdizYvHcL0UY4hdOCY&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N2IKBSGS6SZOZEGGTBQKVMTI2DEJ5BVSJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N2IKBSGS6SZOZEGGTBQKVMTI2DEJ5BVSJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=7HPdizYvHcL0UY4hdOCY&us_privacy=1---
Request Chain 287
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=8mFnlyju93gn&ev=1&pid=558355
Request Chain 288
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=5068110651579253943
Request Chain 290
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT] HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=3757237494770433060&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
Request Chain 291
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZQUtHwAQoCl7pAAN HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZQUtHwAQoCl7pAAN&gdpr=0&gdpr_consent=&_test=ZQUtHwAQoCl7pAAN
Request Chain 295
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZQUtIMCo5tIAAE81UBQAAAAA
Request Chain 297
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=RmrSYzCVMfTBJ0lGOHUq&pi=gumgum&tc=1
Request Chain 298
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 300
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=2031601055 HTTP 302
  • https://sync.1rx.io/usersync/turn/8205491501728770872?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-1fc54ac0-b2b2-49d5-ae7b-d58cb1056800-003
Request Chain 301
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3757237494770433060&gdpr=0&gdpr_consent=
Request Chain 304
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 306
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uUNl3L0SZI-iEmLRuUd427lCMd2iFDDQvkcPH73g
Request Chain 307
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4380659188768351338&gdpr=0&gdpr_consent=
Request Chain 308
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7279273983894681742&gdpr=0&gdpr_consent=
Request Chain 309
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HdJPhCxZWpBi3zdayk0nmdly2hQ&gdpr=0&gdpr_consent=
Request Chain 311
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDMHRFN0tDbG9BQUNYMkJvVzNzdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAC0tE7KCloAACX2BoW3sw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=636785634354218016&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAC0tE7KCloAACX2BoW3sw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D636785634354218016%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=636785634354218016&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAC0tE7KCloAACX2BoW3sw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC0tE7KCloAACX2BoW3sw&gdpr=0&gdpr_consent=
Request Chain 312
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZQUtHwAQuzaslgAb
Request Chain 314
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbb949607ced042f3a72ea0c550381a2b
Request Chain 315
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7F931A00-F6CC-4838-8D36-CF34C7AC9665&gdpr=0&gdpr_consent=
Request Chain 317
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7887662680556711373
Request Chain 318
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829925329579
Request Chain 321
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 323
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f5MaAPbMSDiNNs80x6yWZQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 325
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1733383902 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7F931A00-F6CC-4838-8D36-CF34C7AC9665
Request Chain 326
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7F931A00-F6CC-4838-8D36-CF34C7AC9665 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=M2JhaU1KUEd2VDZSSG13R25pa3N0MjZRZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=3757237494770433060&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0Y5MzFBMDAtRjZDQy00ODM4LThEMzYtQ0YzNEM3QUM5NjY1&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 328
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMIv1NycoQynibXjMRVK3bw&google_cver=1
Request Chain 330
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3757237494770433060
Request Chain 334
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=f8cdc10e-d394-4bba-be4c-af5c6d4dd8d9&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=f8cdc10e-d394-4bba-be4c-af5c6d4dd8d9&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=2937abe1-eb8a-483b-8845-6dd273a60208&ssp=pubmatic&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8cdc10e-d394-4bba-be4c-af5c6d4dd8d9&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 337
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8205491501728770872&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 338
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8eee50d1-145e-4fe0-add5-263f3b44c15e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 341
  • https://c1.adform.net/serving/cookie/match?party=1164 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=3757237494770433060
Request Chain 342
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=9ff4906c-5eca-480f-ade3-2cdf8c27c6db
Request Chain 343
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=4380659188768351338&expires=30
Request Chain 344
  • https://ad.turn.com/r/cs?pid=6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8205491501728770872&expires=60&gdpr=&gdpr_consent=
Request Chain 345
  • https://sync.1rx.io/usersync2/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3744543251

346 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wheregoes.com/trace/20234290838/ 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87bea78e77ea4fd4f52fb8891a478293ae260b94ce9ce07ce7d25f7cf0145f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
80765185cdc535ea-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 16 Sep 2023 04:20:42 GMT
fastcgi-cache
MISS
link
<https://wheregoes.com/?p=19>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLbHgMnz0HADVYLG0MOA05Is9fFtYcGBxnYsMY%2FQEsk3y4tGYxzUzLkWdo4ZqzH661Yg5%2Fu4R5CMZJ%2Bf5Gs7ItgOQ4Qk9j5i%2F12Ki7yUNB6E1iY2DIFA%2Bn4ISRHoNfIb2zNnGeFBEQxKG%2Bvy"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
autoptimize_36ce7b13a75e9e69c252317ad35b53f6.css
wheregoes.com/c/cache/autoptimize/css/ 		244 KB
86 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wheregoes.com/c/cache/autoptimize/css/autoptimize_36ce7b13a75e9e69c252317ad35b53f6.css
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbf2413b9511bb70a14ab3712ba3e2c2d8974e3253f209a613c15f4257fbdac4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/trace/20234290838/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2098179
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 22 Aug 2023 20:44:00 GMT
server
cloudflare
etag
W/"64e51e10-3d11a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZN6ETPES%2BGbadr%2Fiz6zLqCz%2FIfsda1e8o6lQ9RXutaizH75VZCUjxJOSPVc8%2FVL37fMEdAqXbZhTllkwFWhQcb4beLgbfHDdPiO%2BGh%2FJr7qGJR1gmvuYjCYSxThKF8SZfaSHQ7loXEuiOLsl"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
80765187ff3a35ea-FRA
expires
Wed, 21 Aug 2024 20:44:07 GMT
jquery.min.js
wheregoes.com/wp-includes/js/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wheregoes.com/wp-includes/js/jquery/jquery.min.js?ver=202309160433
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/trace/20234290838/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
478
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 22 Aug 2023 20:43:51 GMT
server
cloudflare
etag
W/"64e51e07-155ba"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qTEItWc7%2FmQvEtwfr90B3FHP7TRPhWgBFpdh3QvCP%2FyChfbkO0IAlsauRafJE48gfhX1O1wT1uc14PGHsMpGHWp978DmjRFI1uYgEFt8lM2olPGVa3wz7ToazCnPs6uKVtr%2Fd8qYA4MWSwL"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
80765187ff3b35ea-FRA
expires
Sun, 15 Sep 2024 04:00:07 GMT
jquery-migrate.min.js
wheregoes.com/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wheregoes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=202309160433
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/trace/20234290838/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
478
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 22 Aug 2023 20:43:51 GMT
server
cloudflare
etag
W/"64e51e07-3509"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7nhtNPyuNdVG0lURYeIUOj9mjlNjDQGeAC4v7HphVA1OG7zFLzYzn2MqxBz0lXLgnI35jL6T7rp4Lo%2Fyc3DsAI%2B%2B6n8oFWRVncTrWrG%2FijmckOQQiZO2whH2LI1mMIw1fDnRb5jhWOgfU2P"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
80765187ff3c35ea-FRA
expires
Sun, 15 Sep 2024 04:00:07 GMT
script.js
wheregoes.com/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wheregoes.com/js/script.js
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/trace/20234290838/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
885
x-cache
EXPIRED
cdn-cachedat
09/16/2023 03:06:28
cdn-pullzone
682664
cross-origin-resource-policy
cross-origin
application
10.0.0.3
alt-svc
h3=":443"; ma=86400
last-modified
Sat, 16 Sep 2023 04:04:27 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGH3L%2FvvLWPTw3DaUOIJJvOlhokzoGA0TutnUZq9l4K8sCHZwR%2F6WlSVbgmtT5LunUGWIcWxZ2zGbSTW1ZF%2BwVla0dcEaXR3aYxUhQkJOiyzjt%2BGQXb%2BQboVSbEgVvqjQkMwp62cbU5Ov5Qe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
public, max-age=14400
permissions-policy
interest-cohort=()
cdn-requestid
34d54c9fd24142cf6183160261d9b4d8
cf-ray
807651886e5c9079-FRA
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
init-1144pc80p2fur20uadwq.js
api.fouanalytics.com/api/ 		318 B
726 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07b4dd66a4906c1952e58f15f366fc769604cc68de1bab05c2e66ccf1fee0d13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:43 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuhylqtcgOOyhIPIT2f2ZgMxIU%2BWgMXZJKFef3mgrWTJaPYbQ4PlV3XgTAfQYi5F3BZg6Jf0%2FiN68bVJ2oov%2F4FZxRKsW7Oe0azUGCfi%2BTfmS7EjXgPpA6NeAOVtRukIR5HMr7BZpxvyWI9owuMvhRW%2FPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
80765188cdd79118-FRA
alt-svc
h3=":443"; ma=86400
expires
0
index.js
wheregoes.com/c/p/contact-form-7/includes/swv/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wheregoes.com/c/p/contact-form-7/includes/swv/js/index.js?ver=202309160433
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/trace/20234290838/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
251
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 06 Aug 2023 14:21:27 GMT
server
cloudflare
etag
W/"64cfac67-2a12"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZwnEZ41EkAmzSUu1ax%2BNPAIBOdxjA%2FK%2BkKMMFoDF9ggOgPnw1UCXfc8%2B8qq7l5PbKJa3%2FvbY9DresK16OYDcKd%2B9Xw1rL1ed37Ssdj5hqH9niMSkdLSI7zXoDvU0e8QInVyIXS6tDKAyUbW"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
80765187ff3d35ea-FRA
expires
Sun, 15 Sep 2024 04:00:07 GMT
index.js
wheregoes.com/c/p/contact-form-7/includes/js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wheregoes.com/c/p/contact-form-7/includes/js/index.js?ver=202309160433
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/trace/20234290838/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
251
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 06 Aug 2023 14:21:27 GMT
server
cloudflare
etag
W/"64cfac67-328f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zWKY%2Fv0xj5%2FPMu%2FF0i4IR5jHpiHpBdNZ64YK%2Fzoa5TX%2Bh%2F0DwXZXWXOExTeZ6PIsd1sAZNZvGXr6NQKnXeIZbex8EtmYcMcJ%2BfYYmQIhkgDWqJicHMOW2oVM1mCT1FDIvnk26o3RMkO2iUNz"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
80765187ff3e35ea-FRA
expires
Sun, 15 Sep 2024 04:00:07 GMT
main.js
wheregoes.com/c/themes/custom-theme/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wheregoes.com/c/themes/custom-theme/dist/js/main.js?ver=202309160433
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19f4129c1cfc1a9fcb2e94b35853f3d2085c0807564e37971d1ccb6ef2a7e852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/trace/20234290838/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
251
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 09 Feb 2023 20:32:40 GMT
server
cloudflare
etag
W/"63e55868-1464"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4r49YJ4d0XStvBrTl7wqz%2Fq5Rh%2BFyKOalwnpzrNKZIvOvDQDnVR9X3ZYeg%2FEoj959lftcUpRQMaXifVzmjnI7%2FK1acUhtWDw5VLDOE%2BFxJ88o4Y4uE2StWp%2ByPS4Bl0IgjQ6Mb2b6GhSICR"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
80765187ff3f35ea-FRA
expires
Sun, 15 Sep 2024 04:00:07 GMT
wheregoes.js
cdn4.buysellads.net/pub/ 		488 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
d9e688054b15255631726d14efb2aa3edaa72d1f079ad188d6faf157d0ec8e97

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:43 GMT
content-encoding
gzip
last-modified
Sat, 16 Sep 2023 04:02:22 GMT
server
AmazonS3
x-amz-request-id
58NKDDFA57AZ4FME
etag
"dddf7d8b5c2674492c2cefb2165cde20"
x-amz-server-side-encryption
AES256
x-hw
1694838043.cds254.fr8.hn,1694838043.cds234.fr8.sc,1694838043.cds234.fr8.p
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-id-2
gHoN2df3GT30gRnJvt8nU81bd7MqNdIbFMrzIr978dZZBzbyjkWO4o75GfiOj69SJojPokcPVqI=
logo-h-blue.svg
wheregoes.com/c/themes/custom-theme/img/ 		15 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wheregoes.com/c/themes/custom-theme/img/logo-h-blue.svg
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_36ce7b13a75e9e69c252317ad35b53f6.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/c/cache/autoptimize/css/autoptimize_36ce7b13a75e9e69c252317ad35b53f6.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
36493
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sun, 11 Apr 2021 19:20:03 GMT
server
cloudflare
etag
W/"60734be3-3afa"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BaPxKpOi4MKyMwdmN1R62rXGgSK%2FIbOUDeJsdLoAM%2Fo4jgS4gOHRp9PcpDUMVhqMXJ1RdvWJ3%2FwYVwzhlpyMf0rTh%2BQdaJntt6%2FtJXWUqYn5T9qlXD4Hp6KKL0FUrNA%2BYVwgYjbKKQnYsse"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
80765188ae769079-FRA
expires
Fri, 09 Feb 2024 21:14:10 GMT
wheregoes.woff2
wheregoes.com/c/themes/custom-theme/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wheregoes.com/c/themes/custom-theme/fonts/wheregoes.woff2?90359859
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_36ce7b13a75e9e69c252317ad35b53f6.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b

Request headers

Referer
https://wheregoes.com/c/cache/autoptimize/css/autoptimize_36ce7b13a75e9e69c252317ad35b53f6.css
Origin
https://wheregoes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:42 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
18858962
alt-svc
h3=":443"; ma=86400
content-length
8024
last-modified
Fri, 18 Jun 2021 18:52:37 GMT
server
cloudflare
etag
"60cceb75-1f58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufbkSGubf7e%2BHpZDU6jH9jjRaao0GaEbxSF57fOFu%2B%2FMdQ8liZRmFmbMDJBNu61bmsiZEEMmCU2KmrTKR7zGLyqY%2F1kwP5FM4ZR%2FgDbqRGfQZwFBHE8a%2FskKUF7WctoLqT5wWqKtW%2BGJpInm"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
80765188ae799079-FRA
expires
Fri, 09 Feb 2024 21:14:10 GMT
95d043ea-01e4-4310-ad17-2b3d33577e02
https://wheregoes.com/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://wheregoes.com/95d043ea-01e4-4310-ad17-2b3d33577e02
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
event
wheregoes.com/api/ 		2 B
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wheregoes.com/api/event
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wheregoes.com/trace/20234290838/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Sep 2023 04:20:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
885
cdn-cachedat
09/16/2023 04:20:43
cdn-pullzone
682664
application
10.0.1.5
alt-svc
h3=":443"; ma=86400
content-length
2
x-request-id
F4VGOHy4bR3HcbYZCMQB
cdn-proxyver
1.04
cdn-requestpullcode
202
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QZpt8jxeN3Obn4WH0XB4DzD%2Fag73%2B73FWIFCVl64oQMhxwRMpc5SC5QfZ6mAnjDhsNIW4ZNVT7n9xNJJAl0nZucb2brN%2BQLQmSld1GWZl3g8Guq%2BG7aAIdF9SeNT5860Ym9HvRzDj81qr2n%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
must-revalidate, max-age=0, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
cdn-requestid
b2f067bc06d2513ac49ec4c78df1c5ac
cf-ray
807651894ec59079-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
wp-emoji-release.min.js
wheregoes.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wheregoes.com/wp-includes/js/wp-emoji-release.min.js?ver=202309160433
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/trace/20234290838/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 05 Apr 2023 20:53:50 GMT
server
cloudflare
etag
W/"642ddfde-4904"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxBP2ygmXSdzkfvkK%2BFnSUUsiVXXWyeAP55oVMZaS8KMqpl4Mu3FCpdgC0%2BdL6c8tkCiLwqxdbHcxJpo7N4iiTmWze%2Bk1bi%2BpTfFVqDEKtZgSCyv7078jiyb0NdnjwY87HoIfrUmrCUM8crt"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
807651894ec69079-FRA
expires
Sun, 15 Sep 2024 04:00:08 GMT
pp.js
api.fouanalytics.com/s/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.fouanalytics.com/s/pp.js
Requested by
Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b206c4dae798a4c2463de84f9112ed6db30d5ae85de7dec6f03d9cd3cf999e33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:43 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
69554
etag
W/"64e861de-3bef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zRh7Ua9jPljuNqTYeqL1AlXmlIvckim3bhOOnnMp4537Ajrl66wQyPJTyQSHIR6djkCEdKeXkS%2BpIs2T5qung5U%2FNOzXGWxnGR4l6bNVUm9V91S%2FTaIDEm%2Blq4M6uC6K0J2tKePdH7B35rwd252ztl%2BRVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=86400
cf-ray
80765189fe8d9118-FRA
alt-svc
h3=":443"; ma=86400
truncated
/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c72f57881ea9665da29cc614802f61a04084e06b14de9f1d79ce26273e66a991

Request headers

Referer
Origin
https://wheregoes.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
x
api.fouanalytics.com/api/ 		0
451 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://api.fouanalytics.com/api/x
Requested by
Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8820 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sat, 16 Sep 2023 04:20:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4VOaq3OxvEjQPGnir103zBIO7udiNIsN4xACFVg1LoG5b8XxoU3AdqxLZqf6fooi8kHuIDb8MZG6CJ0LgpmHlGoBPfmlGnkwY14Ty6LFK5ZfIGP5fwjj5%2B1EyJnb9vAEmAUm%2B9%2BhxruKxY%2FHD5UTDl8Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8076518baffd9a3b-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e1d9d0f38a2cbbe20407a21cb0595140433d84fecdfe4bac43077334b5283cbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29522
x-xss-protection
0
server
cafe
etag
451 / 19616 / 31077886 / config-hash: 14175700841114183422
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 16 Sep 2023 04:20:43 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/ 		408 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2566f2f20ba122f78d6713a1c25217fd221f65a98cda4dedea1571e2e5df19b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 13:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
51909
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131705
x-xss-protection
0
server
cafe
etag
17641473086515647811
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 14 Sep 2024 13:55:35 GMT
CEAIT5QE.json
srv.buysellads.com/ads/ 		1 KB
721 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://srv.buysellads.com/ads/CEAIT5QE.json?forcebanner=510632&ignoretargeting=yes
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.172.55.208 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-eu-ldn-18.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
44be95c04f477cbdcfe207f468e0d9585410afa2dae9780b4724b901dde27b15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
gzip
server
//srv.buysellads.com
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
584
bid
ap.lijit.com/rtb/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.0
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
117f6b29ec65cc4f9b2e4a332a027da5922d8329472de7383d794099ffccec6a

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 16 Sep 2023 04:20:44 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://wheregoes.com
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		433 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=2&alt_size_ids=55&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=afd3d5ad-4aea-4daf-9c53-3ef235643f7f&l_pb_bid_id=10c4a24ce618f1a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=afd3d5ad-4aea-4daf-9c53-3ef235643f7f&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&slots=1&rand=0.7195041356131164
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3cb3622b6557b22d2de98e3b81bc39fc15187883975047085caaddffcd9e369e

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wheregoes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
433
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		411 B
924 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=15fb3aee-c858-48af-b7c6-308abc3518af&l_pb_bid_id=118f6dd16a520c&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=15fb3aee-c858-48af-b7c6-308abc3518af&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&slots=1&rand=0.6251382896755422
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b11d96b2b3b3072d0342ae1c5032333740b4b4442274ea7bbdba3079a036af49

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wheregoes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
411
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		442 B
782 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&tk_flint=pbjs_lite_v7.54.0&x_source.tid=bbe464a8-86eb-4787-b88f-3a3c1bd17483&l_pb_bid_id=121a38eea3eeadd&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=bbe464a8-86eb-4787-b88f-3a3c1bd17483&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&slots=1&rand=0.4244870490281196
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
29784b0cc4492436d85f588fadde4ca615be36ee7eb40a2d46b0b18145e20a31

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wheregoes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
442
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
abc796e81da077504483a36e8619f2e6176d626c90eafa5355d55dd0db2ce33e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
an-x-request-uuid
89d0417c-8db2-4a72-a8a2-a4e9667d0ce3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wheregoes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
217.114.218.20; 217.114.218.20; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
379
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
192 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=30932885574&lsavail=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wheregoes.com
date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
adreq
ads.servenobid.com/ 		1 KB
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5254
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
961fdbb67cdf65238a19d9332533c52cca1f3561583adf6b4101fe14778e9e33

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://wheregoes.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1309ba72d5c9831aca774eb6109704a740bf549ac2c57ff2c0fa84e6cf19acb4

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wheregoes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Sat, 16 Sep 2023 04:20:44 GMT
prebid-request
onetag-sys.com/ 		15 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://wheregoes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&PageUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&PageReferrer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
c1bc8414718677f082a40ee0417063f559060ead523c35397e774da0f73edd60
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wheregoes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
22
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
1248
expires
0
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 07 Sep 2023 09:22:37 GMT
server
nginx
etag
W/"64f9965d-ab99"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:20:44 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 02:44:08 GMT
content-encoding
gzip
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
5797
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
rxed9cJwwGpAtApotDPBtkB5VlEoFGBws5MJ3DwfA9f_SGWelQcN4A==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:3400:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
tte_Zq9MCmRAYf9XeFwo9sUIgrBbXCUY
Date
Fri, 15 Sep 2023 05:39:43 GMT
Via
1.1 2f72de1f504b6784c7adb04e7fe314f2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
81662
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Wed, 06 Sep 2023 03:40:59 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
8-sVbAl0k9todhTUKc9kNKIml4MIZxraavqu51LGTxwCqBWK79xXXw==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 25 Aug 2023 19:33:05 GMT
content-encoding
gzip
age
1846059
x-guploader-uploadid
ADPycdsJEoGEdACkPhEpLcadnh3aQlj77UDinvOmb6bbnYP4ZBIZ1c4FNa4dKEFL9W-lxAEBMvtWjPiKZu_LC3LquNuUVfFyLVER
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Sat, 24 Aug 2024 19:33:05 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		139 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 08 Sep 2023 09:30:49 GMT
server
cloudflare
x-amz-request-id
DT5P65FPBPWT4SZE
age
1168
etag
W/"1a5f44cdb786ba83a7fa05963228f464"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
807651902ee918c3-FRA
x-amz-id-2
V4IMDkxuvzX6e7LToXqNpV6+QpGUPejj/VCiHP67kBAUOTAkihYtGtJ5uOA7MEysgKRbWB4UiuU=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36017
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFFAe0iS%2BbHqqmUB2EHo4IOdkxa3hOFoKHPxPbzGQlozjbM3XhBuGxrZO4tgDkAUAEPBGZv9MtIjU%2FLKIiA7Bozo9Zc1TNkr4D8U%2BzHPPKP8iLXrNxLDLNMAFheTjoKIYoETGz%2Byd%2BnH3UB%2BMOY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8076519038015c3e-FRA
map
bcp.crwdcntrl.net/6/ 		60 B
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ce64bcfe9ba8ffbba45472e00164c51d7a641f19b128a0ad5b00c40a9bf8dd62

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://wheregoes.com
cache-control
no-cache
x-server
10.45.10.206
access-control-allow-credentials
true
content-length
60
expires
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&rid=esp&cc=1
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
f2d9960caa050ad22ee62aa63965eea086fa553fc633772a0332a46bca0e6f89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-YaB98TFMxImErOxcpogOFOJPWIY"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wheregoes.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Sat, 16 Sep 2023 04:20:44 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://wheregoes.com
location
/esp?url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
increment
id5-sync.com/api/esp/ 		0
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://wheregoes.com
date
Sat, 16 Sep 2023 04:20:43 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame B2D8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=wheregoes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 04:20:43 GMT
server
Kestrel
server-processing-duration-in-ticks
249516
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame B2D8
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=wheregoes.com&sn=ChromeSyncframe&so=0&topUrl=wheregoes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=eUlCIHxoVCtVaDV4UDB3d2M4SlJRckRzSEdHa0FBaFlLUEFiYkFYQzFJU2xzQi9xaHVBRWFlU3ZseXJiejMwZnI1TytsODZVaGQ5YkMzQk9TdEs0ZjRnQmNDRlBSclRVNzhib0NtK0J4Yzc3alJuT2d0dDJOZ3RWQ3p0Lz...
419 B
644 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=eUlCIHxoVCtVaDV4UDB3d2M4SlJRckRzSEdHa0FBaFlLUEFiYkFYQzFJU2xzQi9xaHVBRWFlU3ZseXJiejMwZnI1TytsODZVaGQ5YkMzQk9TdEs0ZjRnQmNDRlBSclRVNzhib0NtK0J4Yzc3alJuT2d0dDJOZ3RWQ3p0LzRFblBSZ2d6aWxtZWUzeE1MbmRKVVZ6UzVjTXVHQzkweFVYV2RHZWlZYWJHK1djUVU2YjNxTE54UUZrcmtOM1pxK0dhaVB2ZGhGWG1SUzlZcGRRQjJvWG1YOFJNbmJMQVduN3lncGdKbXI0K00yN0NpTWU0c2hkeCtEQ1dVdlpwUW1IS2FGeG9RUGVyUFVuMFB0ME9vVDBvTVRwZ1I1dz09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7c2869054ab20d21a4402a2a8ab8156e92a303aa39b364faabf9e4f05d344acb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:43 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1093622
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=eUlCIHxoVCtVaDV4UDB3d2M4SlJRckRzSEdHa0FBaFlLUEFiYkFYQzFJU2xzQi9xaHVBRWFlU3ZseXJiejMwZnI1TytsODZVaGQ5YkMzQk9TdEs0ZjRnQmNDRlBSclRVNzhib0NtK0J4Yzc3alJuT2d0dDJOZ3RWQ3p0LzRFblBSZ2d6aWxtZWUzeE1MbmRKVVZ6UzVjTXVHQzkweFVYV2RHZWlZYWJHK1djUVU2YjNxTE54UUZrcmtOM1pxK0dhaVB2ZGhGWG1SUzlZcGRRQjJvWG1YOFJNbmJMQVduN3lncGdKbXI0K00yN0NpTWU0c2hkeCtEQ1dVdlpwUW1IS2FGeG9RUGVyUFVuMFB0ME9vVDBvTVRwZ1I1dz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
339627
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		95 KB
16 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2016699352838929&correlator=4034813714059972&eid=31077886&output=ldjh&gdfp_req=1&vrg=202309130101&ptt=17&impl=fifs&iu_parts=8691100%2CWheregoes_S2S_Leaderboard_ATF_ROS%2CWheregoes_S2S_Sidebar_ROS_Pos1%2CWheregoes_S2S_Sticky_Sidebar_ROS_Pos2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%7C120x600%7C160x600%7C300x600&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1694838044487&lmt=1694830844&adxs=436%2C1091%2C1091&adys=440%2C666%2C950&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&vis=1&psz=960x267%7C300x952%7C300x952&msz=960x90%7C300x250%7C300x600&fws=516%2C0%2C512&ohw=960%2C0%2C0&ga_vid=41393063.1694838044&ga_sid=1694838044&ga_hid=1189058089&ga_fc=false&dlt=1694838042873&idt=1198&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1641228026595-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D728x90%26hb_pb%3D0.11%26hb_creative%3D2676%253A67239551%26hb_adid%3D46d7cc0df8685b1%26hb_bidder%3Dsovrn%26_bd%3Dbid%26_pl%3D0.11%26hb_size_sovrn%3D728x90%26hb_pb_sovrn%3D0.11%26hb_adid_sovrn%3D46d7cc0df8685b1%26hb_bidder_sovrn%3Dsovrn%7Coptimize_ad_unit_id%3Dbsa-zone_1641228120494-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_creative%3D70_63477641%26hb_adid%3D47a344f0c4fa15%26hb_bidder%3Dsovrn%26_bd%3Dbid%26_pl%3D0.04%26hb_size_sovrn%3D300x250%26hb_pb_sovrn%3D0.04%26hb_adid_sovrn%3D47a344f0c4fa15%26hb_bidder_sovrn%3Dsovrn%7Coptimize_ad_unit_id%3Dbsa-zone_1641318529900-6_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D300x600%26hb_pb%3D0.03%26hb_creative%3D2149%253A10274016%26hb_adid%3D50959a95080735f%26hb_bidder%3Dsovrn%26_bd%3Dbid%26_pl%3D0.03%26hb_size_sovrn%3D300x600%26hb_pb_sovrn%3D0.03%26hb_adid_sovrn%3D50959a95080735f%26hb_bidder_sovrn%3Dsovrn&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dwheregoes%26optimize_xp%3Da&adks=1696759606%2C2861055222%2C3809685794&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
905075eea3011ce158c460199e842421ba19f20ec8f450e7f6a2bdcb7382e7d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16239
x-xss-protection
0
google-lineitem-id
5936457995,5936457980,5936457977
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138382844369,138383341090,138383350357
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wheregoes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309130101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3aa2622c36b10aca22041aa223c3ca83485bc0960315082ba6d9f39e421cfb39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12164
x-xss-protection
0
container.html
03dd251465dfbbde95fd5c2d6f4d386f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C348 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://03dd251465dfbbde95fd5c2d6f4d386f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 04:20:44 GMT
expires
Sun, 15 Sep 2024 04:20:44 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 9472 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Sat, 16 Sep 2023 04:20:44 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame 740C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyqbBsxNTF3mDRgC-cEE_LyoAABxW6ZWYYH0OMVgqIf-1BvVSoSXRcd_S3ZUockNHY5gVqubUZBjj0v4XA9t9f_cCnGZcyn4y4GxWg513vfEKzagC3b7LNkP-tzND0TP9Tmvig_PDMVKQHEBNIxHklhbju2GZ2NQPXSjIPk9rY5we5O6e_fovRRDYzULgfCoZaFRSEg90udxfQZ5R5SkH_lYnf0x_479e-JoaUGmOs-TM2oD0UnqTGWa2Q8Cf9Fd06V9krpdLSpHNdI7FdGyqh5t5Mu96B4JYUTSKE5UWnKYj_BP_xIAhBqLri1S2ulyB57_wkHUe6RsBvxASdIKjFPV-TyAj1SZoB&sai=AMfl-YRe7y6yfzRZ49jhw7HwvLGAWjF8wWUvmj5CKqVVNXCszBoUSubbLEvpOqRT9qec8MP50vaq7-HjNxuzmHcMrMr3dznmHyJT5YkRluP7TXdT4upbN1JuJlMK-uvEsO72w-ifPXgekPWZ1m-KwNs&sig=Cg0ArKJSzP-CrO0qx8qyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Sep 2023 04:20:44 GMT
prebid-universal-creative.js
cdn4.buysellads.net/pub/ Frame 740C 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
3077c047c7210f4e52a637ba10a8d5346ed72d4e29956c96aaa8f8aac58d440c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 18:55:32 GMT
server
AmazonS3
x-amz-request-id
XPEA6MZ6FBW711G2
etag
"6247b34aaaa023705aa5146179ffd119"
x-amz-server-side-encryption
AES256
x-hw
1694838044.cds254.fr8.hn,1694838044.cds248.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
8892
x-amz-id-2
i3RAZWW0VYcf0+8PF7IvUr8SjI7Gvl0Y7SYg6WB2neM1Fkobm78Rh1BRhZPYW6C+l+H7tXE0RMk=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 740C 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Sep 2023 04:20:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3758 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmq7AFlf69eYzNq_LT2h95My-EXdzbgDv1IcNMuoq3dVNiD24XFU-fkbQ2WvWdhRr8j7_3H17NfJHsYFrqRapFNMJok5uposBLPJjxSoEmWtCn0onM6sXY59YXFV-0EkClMdJ6g_GY8CQNhUFU3fhgsA3X4_jFsVxQOmIQ9xK6gmv6zs37WPsH2euYjDgdsTG2kJhAfusfTWkd1M8_A-NTGwdjpVCz7RNs-kNcPAiRRypquyD7vxilWwS4GkNQWP4XH9XVwIqfH3VK_qfT2RAzM0mUvKuBuZxpRD3jVdKMN6nkOz_YnXeQ6XYjdE52MgdOuFn7D3wr37Gfb8LnXhselP8ZCRah&sai=AMfl-YQM17zvRK6MBT4tU4MxhvQsIcO0WVrDHDq1-AH1KjszMKpJEV1oXUDg9U8sHdytlZy3ZcYFNQe7qDzye466gAg9a87dL9WTYHQEtuSJ1cAnPZIX5sdj5Vtda1XeyoweUJlvGvJ-Q0w4EElYXjk&sig=Cg0ArKJSzDwmYmFDKtHhEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Sep 2023 04:20:44 GMT
prebid-universal-creative.js
cdn4.buysellads.net/pub/ Frame 3758 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
3077c047c7210f4e52a637ba10a8d5346ed72d4e29956c96aaa8f8aac58d440c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 18:55:32 GMT
server
AmazonS3
x-amz-request-id
XPEA6MZ6FBW711G2
etag
"6247b34aaaa023705aa5146179ffd119"
x-amz-server-side-encryption
AES256
x-hw
1694838044.cds254.fr8.hn,1694838044.cds248.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
8892
x-amz-id-2
i3RAZWW0VYcf0+8PF7IvUr8SjI7Gvl0Y7SYg6WB2neM1Fkobm78Rh1BRhZPYW6C+l+H7tXE0RMk=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3758 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Sep 2023 04:20:45 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DDE2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsta2NOL-J40x0l9GaIuk3hkNHIkwpM8Xlt2NCb2ICY-TOAoSHThoW5gz9VjV63qZPfkMmG2nWr5Bc4DN44WhSm412ji2BUGuh5FLntpnSbzITpnO_fWpCkjR7Fu_4l4ybk7RfrVPq_p5oqnlbbR_O4iL_Prprck-h0xYJqAKvo9N1U6GxzO6A76mY0u46W47eZfgSLqaC2w0xrYqXnHKU7tuMHY7LsqvBro3YKpgtIX0-ZLGHghl67OMTntFhALc3ge9wesRiXG0xlM9jN-j1_1NDAVr9wEXpIxWFQHNxaVPIOXRqmeqnXzwpQdbxXyn1wUsHrwK5pSbPgSKGpwgVkkxxJxBkQiii_T0waVZg&sai=AMfl-YSFv3qBNwrs03dnH5zWt1JpTXO1DWmQWmiX_NoRoqYfS-Uz1UnQNo5w5u9g_dHYrPWExoc4i4MTthDHmqlsxoJS0YMcHs5oA-zebo8pUhMe1R8kOFh8QmyoHzXiBbBljv52kK_sMF4xOg_onIY&sig=Cg0ArKJSzKA5r23bILqTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Sep 2023 04:20:44 GMT
prebid-universal-creative.js
cdn4.buysellads.net/pub/ Frame DDE2 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
map3.hwcdn.net
Software
AmazonS3 /
Resource Hash
3077c047c7210f4e52a637ba10a8d5346ed72d4e29956c96aaa8f8aac58d440c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
gzip
last-modified
Mon, 11 Sep 2023 18:55:32 GMT
server
AmazonS3
x-amz-request-id
XPEA6MZ6FBW711G2
etag
"6247b34aaaa023705aa5146179ffd119"
x-amz-server-side-encryption
AES256
x-hw
1694838044.cds254.fr8.hn,1694838044.cds248.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
8892
x-amz-id-2
i3RAZWW0VYcf0+8PF7IvUr8SjI7Gvl0Y7SYg6WB2neM1Fkobm78Rh1BRhZPYW6C+l+H7tXE0RMk=
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DDE2 		182 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57988
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1694604874705780"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Sep 2023 04:20:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 16 Sep 2023 04:20:44 GMT
/
track.adform.net/adfscript/ Frame 740C 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=67239551;rtbwp=A3B4F555EEFA3632;rtbdata=kfkPQ_6tnM8XaMHxV2IFya-kHeLxSZqDLRSS-n0iNrW6Bn5Akp7xHTnIJIZjWBb2zdrzuO6I_lfDyeH4Lk7SGQJuNVU9xy4KDR_xlNuELWr_ybo1XlsabHuaXvd1Z5D8ikSyMY6XAlx9JGJvq8YnagNq94qtAs_uALqA4p0WcUclFTGzWmKMpo92d3By-GLz7TZYM-w18blWeC4aXvnX4hi1M2vhVm_PTRcTXNXaf9kexR5bUXfDEd_8XFAedtKw0khXRwdaSoE522vNtB8Sk8N-eG7y1UnI4UFuhV40q881;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/ams3/0/73d42cf2-cf8a-4ae7-a723-6e70883ad2a7/
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1ec6c3522fe5d80db629d1b09bba98f4aa174273c076f859cdebfacd7462e8e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
937
expires
-1
/
track.adform.net/rtb/billing/ Frame 740C 		35 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.adform.net/rtb/billing/?bn=67239551&rtbwp=A3B4F555EEFA3632&rtbdata=kfkPQ_6tnM8XaMHxV2IFya-kHeLxSZqDLRSS-n0iNrW6Bn5Akp7xHTnIJIZjWBb2zdrzuO6I_lfDyeH4Lk7SGQJuNVU9xy4KDR_xlNuELWr_ybo1XlsabHuaXvd1Z5D8ikSyMY6XAlx9JGJvq8YnagNq94qtAs_uALqA4p0WcUclFTGzWmKMpo92d3By-GLz7TZYM-w18blWeC4aXvnX4hi1M2vhVm_PTRcTXNXaf9kexR5bUXfDEd_8XFAedtKw0khXRwdaSoE522vNtB8Sk8N-eG7y1UnI4UFuhV40q881&winparams=d1cCk9ENN0VxURYYTdNpB4p9HM83XWaiy2nYn4UiJoNxC31HnPXspgsptvGhoNX88SToQFloQbO8U7EuhrBf8VX0b5KNHciw286-tUrNWNyoy-4otgeXJ66ULKRXfpdmdOTaGNjTQhPbx2JYUG1TAtpCBKuUw0J-JTmKJ0v79DqOu-3f-BsD382i2lQ9jwGuc2f8WIM1AAojxi7R-KkieYNrThBD9qfjn8uOwyXu0i41
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
expires
-1
73d42cf2-cf8a-4ae7-a723-6e70883ad2a7
beacon-ams3.rubiconproject.com/beacon/d/ Frame 740C 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/73d42cf2-cf8a-4ae7-a723-6e70883ad2a7?oo=0&accountId=17960&siteId=185824&zoneId=911674&sizeId=2&e=6A1E40E384DA563B9F29C27C7879F45B278A96AAAC0752F27435BFABFCD54769A74EFF2353B3941AF0AE75CD9C9DAC667B64F388DB70D0E9ED58574ED1AD0C546EF8718A01B36CFAC5E174E8FCB67C07C7A67431C0438A011D51A90AA3C214F9228FE356679218EDEBCB9DDB564CD7926390224A5A5513F6A215C828D1D91A058DE70977E3DAE9127E625848872D964AFC3BE8685EBA97EB3EC58A9B2B061BFB142C835154B0B9695C02DA97A3F3134103CE1A7C3D4CCA1E304122A82073C0E5AF3E6FC487B256AD
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame 740C 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LMLIT8I4-1V-7MEN
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
t.dhj
pxdrop.lijit.com/1/d/ Frame 740C 		0
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=wheregoes.com&pn=%2Ftrace%2F20234290838%2F&pubid=buysellads&v0=54916
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:44 GMT
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Sat, 16 Sep 2023 05:20:44 GMT
impression
vap1ams1.lijit.com/rtb/ Frame 740C 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/rtb/impression?i_data=Wcg9jnsJGJ9EUvT8cqeW3BQaXyCz2bUT2ABj52YGlUqoMOLwMoYvsXvMIqZq4wD6bdAE7b5W9YS-xd1UpAWniHAtAjGlQpZG0GatnklkVlQQ37aQEWsylYbzidw-cFGAJ3hl1GfEchTFUqZJx4LmBKVqA_yNY1q6nGD81WILonkCllAVZEc3c_DyTh81XuLrJMVcPzDh9wjS33tp85D3ggo0iEzT_EtgLJYq3p8BqSxObuK-nZSWLY4SNbsa4BvCIRvwPwJgL1VcYzuGEX1_nCHg_8JjLDBn_tVee_dZG3KxmOiV_LlgaDSRO9xI5hu-rzm-DcsYVCP-Aor1KN_hWCWly4zzj7gbzFKNrwvKWd2cCwZiRCZZ&bannerid=209346&campaignid=3387&endpoint=PREBID&prebid=prebid_prebid_7.54.0&rtb_tid=beac1c77-3502-455f-b618-26530b7f5b67&rpid=80&seatid=2676:9890&zoneid=995484&tid=a_995484_a0407402ca9f478f850298647f734365
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:44 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
/
track.adform.net/adfscript/ Frame 3758
Redirect Chain
  • https://ghent-aws-fr.bidswitch.net/imp/0.0523/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R63477641_Qrtbwp_R_I_WAUCTION__PRICE_X-EJ__IZKIAq55oUbYqKknhMla6-2Mw39S00_Qrtbdata_R0L1ZDbaSoQedTd0GZbZ...
  • https://track.adform.net/adfscript/?bn=63477641;rtbwp=0.0523-EJ_IZKIAq55oUbYqKknhMla6-2Mw39S00;rtbdata=0L1ZDbaSoQedTd0GZbZXOPsSqURZ8OZSjomTqSl4TT2ttMP3jKOsfmmTFnbExOITjrvt3_gbA9_NotpUPY8BrnNn_FiDNQ...
936 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=63477641;rtbwp=0.0523-EJ_IZKIAq55oUbYqKknhMla6-2Mw39S00;rtbdata=0L1ZDbaSoQedTd0GZbZXOPsSqURZ8OZSjomTqSl4TT2ttMP3jKOsfmmTFnbExOITjrvt3_gbA9_NotpUPY8BrnNn_FiDNQAKI8Yu0fipInmDa04QQ_an43LOVWHVpGky2r6JLcaX_2Abz9RJntpJYx345yz3_Yw3FQLMVb2a6WhoRbD3iOdkLt6ZLIIHSytiE5zcbUUxXPuyUBkNx2AAzA2;;OOBClickTrack=
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b53eec73ad80c42b6ade20cacc84d5a78112e7ffc7b041ca9722aa374a05e3bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
797
expires
-1

Redirect headers

Location
https://track.adform.net/adfscript/?bn=63477641;rtbwp=0.0523-EJ_IZKIAq55oUbYqKknhMla6-2Mw39S00;rtbdata=0L1ZDbaSoQedTd0GZbZXOPsSqURZ8OZSjomTqSl4TT2ttMP3jKOsfmmTFnbExOITjrvt3_gbA9_NotpUPY8BrnNn_FiDNQAKI8Yu0fipInmDa04QQ_an43LOVWHVpGky2r6JLcaX_2Abz9RJntpJYx345yz3_Yw3FQLMVb2a6WhoRbD3iOdkLt6ZLIIHSytiE5zcbUUxXPuyUBkNx2AAzA2;;OOBClickTrack=
Date
Sat, 16 Sep 2023 04:20:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
sync
aws-fr-sync.bidswitch.net/ Frame 3758 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aws-fr-sync.bidswitch.net/sync?ssp=fmx&dsp_id=70&imp=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.36.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-36-161.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
t.dhj
pxdrop.lijit.com/1/d/ Frame 3758 		0
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=wheregoes.com&pn=%2Ftrace%2F20234290838%2F&pubid=buysellads&v0=54916
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:44 GMT
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Sat, 16 Sep 2023 05:20:44 GMT
impression
vap1ams1.lijit.com/rtb/ Frame 3758 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/rtb/impression?i_data=52Lr6ghIirywb7Tf9YB7PyFxXygAvGM_hOdjG965I9llX3TEWnyceBzfBdEQNKu341Jv6s5M6XI0Pl3LZexJkRFVXVzLCFnlZlxn5dMC-f_YIzFxGpoWdMAlPJHUqBRoChuZUxE6VMXur_bXqlhDhPRQHwQ0Ox3gtWgWaxDH3SLenY4ACU4fVTyMJyJN0YaXyUvS6KbaJpvUDqesByetiV-vVmhSSFrsTRLgW4vWQW52NW56sr8tnpqhc3RDrVo1hsJHUPp8tyTR1fFhxdK_5DhKCy3qAuZ7N6x5xsuuNBWDQa-e-j845Us6CPkmtbXBrGl7e4xVcMex9RlTQG7YdzCiW_lXiJkxFRWF2DTd&bannerid=40972&campaignid=1769&endpoint=PREBID&prebid=prebid_prebid_7.54.0&rtb_tid=caa0f224-461c-4774-b853-8b5a281256a7&rpid=26&seatid=70&zoneid=995483&tid=a_995483_59d2998995df42e9a8c8c2f34622d71c
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:44 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame BEA8 		271 KB
70 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e9c2870dc8fc452d3461e6e0ef19b042bd50b21606c09c38ee6ca988ed8143d7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 04:20:44 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Rmbj6g-ettJpq_JJtDT3dV9_99gl7JZResyzFyUmB5FQcat23DlTa1GRlD2xJsZlAyi7NiWO8a4NFX2-cInTgNWd9UHSP8I1aZA7S8gJnZqqd926vY4IoAE5eyQJkz2Se_au3wE2-FKcGgZYJA-zgJ25wVdjFEB1kUKmypTkrGPOw11fjpokPN1x4EvouNkogDFNxob2Dkh9LvxtjV8O1_5RIglDGdbXMX26Uu91ZjJVTCOARiiKXHWaXdobzREgAaXEIA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
70865692
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8878 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 16 Sep 2023 04:20:44 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ Frame DDE2 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=8128488
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:44 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2023 16:20:24 GMT
Server
nginx
ETag
W/"64c7df48-22bf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Sat, 16 Sep 2023 05:20:44 GMT
t.dhj
pxdrop.lijit.com/1/d/ Frame DDE2 		0
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=wheregoes.com&pn=%2Ftrace%2F20234290838%2F&pubid=buysellads&v0=54916
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.17.100.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-17-100-211.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:44 GMT
Cache-Control
private, max-age=3600
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Sat, 16 Sep 2023 05:20:44 GMT
a1bd69dd-d4f7-4988-afe5-407bf09efbc2
beacon-ams3.rubiconproject.com/beacon/d/ Frame DDE2 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-ams3.rubiconproject.com/beacon/d/a1bd69dd-d4f7-4988-afe5-407bf09efbc2?oo=0&accountId=17960&siteId=185824&zoneId=911674&sizeId=10&e=6A1E40E384DA563BF1562D43EF34FC11602ED119C5F4B1F870997B3A50127446F87C9F8788118A4934CD958571763822B578069B83F7206CB4371234EC89EE3F0848AB2C4378F143B44A8E9FBF9D4DB43219D03FADA423AB099A8CB1DDBB2C63D68AE49A31795BF51F7561C7810C81B7BE6357179FDFCB1F793A4BD6FE8F1DC40C546F78C2F35BAF9DFEE07809DC8464EDBE608A059B36EBB7EE8647A374CF276F113A101A30F385488443A06441287A6CA8B981DE43AE44423635248433E9C4D407D75D7D856DCF78C35FCCFA2133347BAE3440DCEBC8CA7273D1AC4741DC7A5C389854D3447237DC2A1D1EA5F9192FEDA78C1696B72D4DD511760D73C9D5C3B92BA487B937630F48372F772B62555B8F0138B3432F04B375BC58B46F2326DF2D2985D2AFF39497381F4427C917A80257D950DAEC9F3F9EA7657C12280AF5BE1A45602F87C194FF6F5484B3AF255A74D88B4A07A25F9611211BAE9F108D808FB95054020148050C703DFF9D220278E4FA12235AAE9BB1DFD546C490CB94BE2F3840832258FB4D56E5557B5CB48EA1E0FF31A76B94C05EF6EAFE0F3C749FD2A913D2CD22A1ABAF9095A49ADD604D7BED9C55DC39179330239BA609221170DAFB3443A62B6B8BB7D7B2DA51275FBA1EA022DBA2A042A268410635632FF89EE32CE5474FF4FBA7D7CCECCE90344939B77F95FA52F6F6009A85882908DEBCB2A217A2F0EFBE2C0B12CAFE4008AA171849157D531F3586C035234BBE71262AA57814C8AA3D27E1DF804460E32445E303804F743711C3FF3B6BFD9E45D5A9CB26009B2D0FBF31A6A28AAAA5CF1D7F558F875B372BF28E48D7FDEB724C25227690541E9D4CCF1382F0EFADFE277EB8AF1B1C6F0A7A6A69C2870BDC1E2531C882C601F777C9DB39D449D7279C5EBE7FC2336F5C3783A50CD4373AC5713BD27459E11FBE41908DEF404F5E7C20BD2B32F754491BA1FE388FA616EB58BC7DCFF505EADBCADE914C3AFE8722652166D63C155F366B373EE1989A0E58495D3877F34FE91D0FEE2104AFF7A22B031DBAE7D556E3145C8E134539A0746A1172FD0823266D1FA91044B0AFD5AA1326D27D8DADA3580F6A9A8086E47961C6E8AF79E607BD6FAF7A01B161855D5543C4DB36492CD3B0E635CA87C447470F92CF7E2E4770DC6FF66C0DC7BF3CB9A3D58D9350B6BB90D0FD602234D5806C32D35668B149EB0C63033D
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::27 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:43 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame DDE2 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LMLIT8I0-V-KDIF
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
impression
vap1ams1.lijit.com/rtb/ Frame DDE2 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/rtb/impression?i_data=LEi-prbScM-CAVMG1j71N9xI20qWXMR6_8WDjR7dDjPI7iFLMsDGDtE_HcBdnS-T_10waq-8malXR7hqdbrgwsTSbiA3XYc523obDa7T5m5_e5zhZwgWcMyqqfmghRNRpK8Ns1o3_ExfFSiOAEOEFEk8j9kTAuDhn1SqiBN_76Rz1Ezq-bKIAX0JAlkIMYp098lCIaGu41YfT4TbgYEIhbxordxLOBtH8f7_rFxlxhQquGeiAT0isVVFJ_1JbJckrk4BGBnnq0VnhXATJoPZmkYEpsjUgSyqDXUBTPKE0BMEYVq1CtbNtRRHo0rxxFHaLsRnKWCejkCvlaYhlXbo_JDSZNYvpS6-QHIjy51hSSqrB-pdcq11oRyLIqvURA~~&bannerid=223394&campaignid=3391&endpoint=PREBID&prebid=prebid_prebid_7.54.0&rtb_tid=e02f754a-9f6e-47fe-acb7-3ee6f31c7a96&rpid=83&seatid=2149:5295&zoneid=995487&tid=a_995487_3ab943694a5f41abb16e7bcaf2df9544
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:44 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8DB9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
28104
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Sep 2023 20:32:20 GMT
expires
Sat, 14 Sep 2024 20:32:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A559 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
89f1a26e9285d896961ede224587a8413356c85a8306f2cbf7f6f65fb84b4b88
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Kq_ZYUrsYBTrITXZlsOtig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-Kq_ZYUrsYBTrITXZlsOtig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 04:20:44 GMT
expires
Sat, 16 Sep 2023 04:20:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 8878 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f27d2c5f66b94230e004d6c66655d01a1cd15174edb43a04feced5daf4d5315f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:44 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:37:22 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40579
Connection
keep-alive
Content-Length
10521
Expires
Sat, 16 Sep 2023 15:37:03 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 740C 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=67239551;rtbwp=A3B4F555EEFA3632;rtbdata=kfkPQ_6tnM8XaMHxV2IFya-kHeLxSZqDLRSS-n0iNrW6Bn5Akp7xHTnIJIZjWBb2zdrzuO6I_lfDyeH4Lk7SGQJuNVU9xy4KDR_xlNuELWr_ybo1XlsabHuaXvd1Z5D8ikSyMY6XAlx9JGJvq8YnagNq94qtAs_uALqA4p0WcUclFTGzWmKMpo92d3By-GLz7TZYM-w18blWeC4aXvnX4hi1M2vhVm_PTRcTXNXaf9kexR5bUXfDEd_8XFAedtKw0khXRwdaSoE522vNtB8Sk8N-eG7y1UnI4UFuhV40q881;;OOBClickTrack=https://beacon-nf.rubiconproject.com/beacon/v3/t/ams3/0/73d42cf2-cf8a-4ae7-a723-6e70883ad2a7/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:23 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
UPDATING
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:02 GMT
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame 8DB9 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 20:32:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
28104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Sep 2024 20:32:20 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 3758 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: ghent-aws-fr.bidswitch.net
URL: https://ghent-aws-fr.bidswitch.net/imp/0.0523/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R63477641_Qrtbwp_R_I_WAUCTION__PRICE_X-EJ__IZKIAq55oUbYqKknhMla6-2Mw39S00_Qrtbdata_R0L1ZDbaSoQedTd0GZbZXOPsSqURZ8OZSjomTqSl4TT2ttMP3jKOsfmmTFnbExOITjrvt3__gbA9__NotpUPY8BrnNn__FiDNQAKI8Yu0fipInmDa04QQ__an43LOVWHVpGky2r6JLcaX__2Abz9RJntpJYx345yz3__Yw3FQLMVb2a6WhoRbD3iOdkLt6ZLIIHSytiE5zcbUUxXPuyUBkNx2AAzA2_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/8k6ikb5a1e7pVXOhmLyrCr6DK80urWpNU_AoOIvSB3tNSHfyWImd_gagBvQdFfPIPVQpS_B3Ydo9Ttfv_P3phEdwlRFQAu2PRBh84VLngtYznNImF5FDrYiNliYArGvfaut3NoQ4wfvTnP_-ijBnX-vGf4ypsGtRmNOgQlaxu_uFNptbKBrqya0q6GicCzUF4eFdwsffSFquJHd8Pyl_mLRNKW712UCutr4Fx5rtHazrUpd5S98_cEDOzJm4yyM5kOKnE_YjWNQbL8m_anxJen7AS4IA3CAvnO4aJzp8BmwrP47_5MToX98eMSm5wtVyAw6ncZpB4J24WBK3BD8LXdgBGc69gk7ynKeAa48FTTu4DH3-HksfmbDchTyAMG9d1VNNhu4We3EEJ99Ha3yJ7N8EjUO_g-4-cZAjMIDQ4-Nltb3BZYFWvdae-7ZmRzTu380H8IvXSH67Wx08oIR767n8v8FtBZ36XUgWGPH0aNbgjThoZu-aQDYQ0CkCaqd_FD5uu8JDwJCWpNmBS9AtaAZKpLNJ7lsfqtayB0QKAICq_Pxkhku7-3IGYk03OG_bOImFz1KfeIdrQjbPf6YwkCMlIk665BJTFqqC1_Cn95kBRD8kTg8quCjj1P1hrgr1q13kGTfXBGRTWHELtOopEeA6bNcFmuCULZrA-_a9OVkFcmcp1pTQE2rU9x8hviCFD3gI4M1b2vb2drzoTEoqgW5_Ip55PqTaoUhagZ7ZimhZuof_8lrqfnT7pzASVB6yiNU0EnKspzp73Y-Gc5sVvQdUaknD4Ajt-6T3I844_Fljj5okVYMtOPxFdmhbmdp8tfevZnsx3FQ19fVm8GHtaK6AK3hv0RoZU5BWozuHBsmyf3shNZgYmfL27GgfZ1mVWPIyaRdoL0MhNY11JBWsVKR4QIa_1Aeg0lMKWs3If7yiNQwMAhM7t53nbErV3lNTzlqIXu5-dbUf8zK9aTJLkI7bXRWiziKpTnyloBe0aSKCYdTNiuvHaovSxh5vMwiSpThVGoIzL4hKOGQCtJHKbeYVKR5oKqfjmt6uTyJ0bN60cq9_HpWHTWFQwX9YzlJFEvUiQuRDlKWtvqiiDjbfq2tGTSYhuy-w3ym0_NW9B-s/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:23 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A559 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309130101&jk=2016699352838929&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers
privacy_small.svg
static.criteo.net/flash/icon/ Frame BEA8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Sep 2024 04:20:44 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame BEA8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Sep 2024 04:20:44 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame BEA8 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 10 Sep 2024 04:20:44 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame BEA8 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Tue, 10 Sep 2024 04:20:44 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame BEA8 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=K58drh7dkOgLmdqOLpuZAWF8pYs3C0A9vNqN4Z8lXlHLzTl_UsJlC0XW0XC6gF6qIM-__8eL8j8EKRVvDk3dQ-Eb3l3naEetHUiXCnFu5fPPy3cN7n8APMSQafp0URvQQI00LQhbqffPQAh8l62I7XiWfsqX_iUGD5eG2zxwl-WhNxvpA7YUJ176eWIJjIiEW2Mu2NBvVHaRAPfO88Iyyeh7PRFu1A8ECEOyeXbkIVFG7nfNfGijsd2zcru-HwOFS535UqpbtS2aD2G7XsA5IdB7NSo4kW6Xrgbwz6WVx-52e05GtDtde0Cz3h_8_7KiyTXLtgKnPbNgJkEN0A6KY5Gp1Vs-KDM_fXza_f8G1dVGdSbRtQN5fw02Znx0jeQQH8ix-kXqPQPND6-0HNQnwn-yOGG4qnYkuBJXPjvuHRDZcZY5Au826ubNob-Tvl0ipWt1TU7fkKGcYBel-thQQE00rO4QvSFUrW4NkfmZk9x6ZZBu
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2502753
expires
Mon, 26 Jul 1997 05:00:00 GMT
adl_v.phtml
pv.claudiepierlot.com/ Frame BEA8 		0
0
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame BC7E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=7944&cb=65052d1c90db292b7428c5b28887382b&r=https%3a%2f%2fwheregoes.com%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
11ae8459907621edf2c5898c5afa0c057458cffdc77e0c2cb5888cfaa407382c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Sat, 16 Sep 2023 04:20:44 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
2246999
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
tap.php
pixel.rubiconproject.com/ Frame 8878
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/_MhlG4gBbVdSWkWSWy3kMg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NVrvP1hE2oKDbLAnOVjqQ5XeNtpED7SMiiVnZg--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NVrvP1hE2oKDbLAnOVjqQ5XeNtpED7SMiiVnZg--~A
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-NVrvP1hE2oKDbLAnOVjqQ5XeNtpED7SMiiVnZg--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 8878
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMLIT8GW-5-92YU
0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMLIT8GW-5-92YU
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: E1297E3E2FA84E05A6F62B2220F0F3CE Ref B: FRAEDGE1912 Ref C: 2023-09-16T04:20:44Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYFcjug0AXoysGDEbOEww==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMLIT8GW-5-92YU
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 8878
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tQLl-BE7TQGfU9UGwCe7YQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tQLl-BE7TQGfU9UGwCe7YQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tQLl-BE7TQGfU9UGwCe7YQ
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A4VENXQTQHS0M5G26PCQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tQLl-BE7TQGfU9UGwCe7YQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8878
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGFjMDEwYWNiZDIxMGEwZGZiMjcyODczMGVmOGE3ZGVmMjI1MGZmNg
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGFjMDEwYWNiZDIxMGEwZGZiMjcyODczMGVmOGE3ZGVmMjI1MGZmNg
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NGFjMDEwYWNiZDIxMGEwZGZiMjcyODczMGVmOGE3ZGVmMjI1MGZmNg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8878
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1MSVQ4R1ctNS05MllV
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBIKsDvh_PFQgcyCFdurcqE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1MSVQ4R1ctNS05MllV&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1MSVQ4R1ctNS05MllV&google_push=
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1MSVQ4R1ctNS05MllV&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8878
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LsJkssswS_aR_ewUiPAE2g&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LsJkssswS_aR_ewUiPAE2g
43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LsJkssswS_aR_ewUiPAE2g
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:45 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2NQ8SFV0J0VX2T2ZQEFN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LsJkssswS_aR_ewUiPAE2g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8878
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP5BVqawU3RKpnHaQU9veYs&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP5BVqawU3RKpnHaQU9veYs&google_cver=1
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEP5BVqawU3RKpnHaQU9veYs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 8878 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:45 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame BEA8 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2636880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4418
last-modified
Thu, 22 Jun 2023 11:22:44 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942f04-1142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUHd0P2YmoDuiV1opijhvQxzY%2FvYmY96WkoHfs3DBHXtPYEyZf%2BqPMJ0kCwvoQNrqlSocY3dScSr6qW1YEP9uifdJ5QS8JRtMGL%2Byfyiqz2kgQDoeQ9B8myVRVZBpi0gxcdu4AC3K1gqCef7LElVnLBP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
807651954e4c3a9c-FRA
expires
Thu, 05 Sep 2024 04:20:45 GMT
/
track.adform.net/adfserve/ Frame 740C 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=67239551;rtbwp=A3B4F555EEFA3632;rtbdata=kfkPQ_6tnM8XaMHxV2IFya-kHeLxSZqDLRSS-n0iNrW6Bn5Akp7xHTnIJIZjWBb2zdrzuO6I_lfDyeH4Lk7SGQJuNVU9xy4KDR_xlNuELWr_ybo1XlsabHuaXvd1Z5D8ikSyMY6XAlx9JGJvq8YnagNq94qtAs_uALqA4p0WcUclFTGzWmKMpo92d3By-GLz7TZYM-w18blWeC4aXvnX4hi1M2vhVm_PTRcTXNXaf9kexR5bUXfDEd_8XFAedtKw0khXRwdaSoE522vNtB8Sk8N-eG7y1UnI4UFuhV40q881;;oobclicktrack=https%3a%2f%2fbeacon-nf.rubiconproject.com%2fbeacon%2fv3%2ft%2fams3%2f0%2f73d42cf2-cf8a-4ae7-a723-6e70883ad2a7%2f;js=1;adfxid=1x;3443;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f68aa6b720665c1f9550df780eadcc7b0cfc9033bbbb383237b902428aafe2d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2932
expires
-1
generate_204
tpc.googlesyndication.com/ Frame 8DB9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zZzo7Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
animejs.js
static.criteo.net/animejs/ Frame BEA8 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Sep 2024 04:20:45 GMT
9db149d8ef374b95a89a32f0f2613879_cpn_300x600_1.jpeg
static.criteo.net/design/dt/55084/4696239/ Frame BEA8 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/55084/4696239/9db149d8ef374b95a89a32f0f2613879_cpn_300x600_1.jpeg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
5f6448b02da7a2e63221c29f10d7add252593f3641bfc50c85831797728c45bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 06 Sep 2023 15:50:14 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64f89fb6-19712"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
104210
expires
Tue, 10 Sep 2024 04:20:45 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=104&m=0&partner=55084&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F55084%2F220513%2Fe86b6f535ec64352a05e58b0a04c5c82_logo_n_vertical.png&v=3&w=596&s=NsKg_rbTIja77qDm_c5F9Ui_
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4d1ad36549feb2112e1554f65644c6a3a7002fb0e6df3e70367bdc50fcbbf2aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
20450
expires
Sat, 31 Aug 2024 07:01:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdwd45ca98a%2Fimages%2FpreAH15%2FClaudie_CFPTS00747-A004_H_1.jpg&v=3&w=800&s=WFdmtX6PQsjVEZ6GURdHRQas&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
050bd28f1d417e64a7f778e8aee3cdf3ae7228f25938bd23f99ea1b144f8bb99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
9844
expires
Tue, 03 Oct 2023 05:36:54 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdw0ac19576%2Fimages%2FpreAH15%2FClaudie_CFPRO01193-K009_H_1.jpg&v=3&w=800&s=h-cNj3xSpNd1miOWACCjC3PP&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
25c3baff20dbf3e10fd2e154be8305c6938eea9b5c731d9b349a7d68fd90aa0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2590229
content-length
39608
expires
Sun, 01 Oct 2023 08:10:44 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdw2f4d9496%2Fimages%2FpreAH15%2FClaudie_CFPRO01725-K009_H_1.jpg&v=3&w=800&s=L7ynBcvkLgBzkHZJyWdMGjjO&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7bdfa3ca3eeae333bd9b69361e3a92600924657de82e8af1a9bafa41f62c07a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2591469
content-length
32106
expires
Sun, 15 Oct 2023 05:29:53 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdwe7c03100%2Fimages%2FpreAH15%2FClaudie_CFPTO00578-K009_H_1.jpg&v=3&w=800&s=vuG9P6Qtb5q3Crbnb_wwsT0p&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d742cb942c7e8e3523cd3fc982af9a1af5fc4ee46195a71872f56b4321fc0f95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
56356
expires
Mon, 18 Sep 2023 19:44:15 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdw108f4f4f%2Fimages%2FpreAH15%2FClaudie_CFPOU00414-A014_H_1.jpg&v=3&w=800&s=FtveR2-VZLJRTFKxAW0HaIN7&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6e7748d5e94af8f249839037fe6b4abafe14454c8166dfc76306986c043d5892
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2590299
content-length
15482
expires
Sun, 01 Oct 2023 08:05:12 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdwfe97c5e7%2Fimages%2FpreAH15%2FClaudie_CFPRO01895-B001_H_1.jpg&v=3&w=800&s=PU21utM_ifptkuYJSb2GyLxP&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
957518d200efbc154ab2fcd7c21032be4fa1877d3b1bd99893b540f672ca5a61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
9816
expires
Mon, 18 Sep 2023 03:33:55 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdw64709f24%2Fimages%2FpreAH15%2FClaudie_CFPRO01433-D026_H_1.jpg&v=3&w=800&s=tYW7QH0nUfC5k2gZyBIA-Ux4&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
39ff16800bf346f4082a01da923a975ed32ca4668799351f9a0565bb6ae60ede
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2591695
content-length
14342
expires
Mon, 09 Oct 2023 08:16:39 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdw69db66db%2Fimages%2FpreAH15%2FClaudie_CFPJE00248-D031_H_1.jpg&v=3&w=800&s=0jv4ATdV-b_2-gxhxNyqp7mw&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
33d82dd723b361e07a2aeac917313242583a01304892e8fb200b81629cfcebd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
13844
expires
Wed, 04 Oct 2023 01:07:14 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdw70eb7e22%2Fimages%2FpreAH15%2FClaudie_CFPJU00468-K009_H_1.jpg&v=3&w=800&s=xjBjKRUIlXNisral7f0SicvI&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
55df28249e9431f2164f9299a5ccd7c04b5eaddf3b1051430e84a1591a0da5f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
30452
expires
Sun, 15 Oct 2023 02:56:10 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdw6e1d3840%2Fimages%2FpreAH15%2FClaudie_CFPPU00819-G007_H_1.jpg&v=3&w=800&s=nEYDdBCSyDTm28MEDyM13iAk&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d7a40dd1262874dff50f0dae4f76a4b91f016220bef6e1bb61370cb35fe7ca41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
14842
expires
Sun, 17 Sep 2023 19:36:59 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdw4b6490bd%2Fimages%2FpreAH15%2FClaudie_CFPRO01939-K009_H_1.jpg&v=3&w=800&s=oUk5XTAjku52H7tgjVV4CUHk&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
91b2454391e727c213d26c21d87009357b86f57c4d0df7cc776cb1ffa4a0a84f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2586447
content-length
24120
expires
Mon, 02 Oct 2023 20:46:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdw923e2a48%2Fimages%2FpreAH15%2FClaudie_CFASA00286-K001_H_1.jpg&v=3&w=800&s=kq7bPVGR-H0Uod4pUx77tuIR&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
22d5adb4aa92453593af429c21328d550e7490b45f267736b3be9e40453bf73d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
47180
expires
Sun, 08 Oct 2023 08:20:29 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdw42536dfd%2Fimages%2FpreAH15%2FClaudie_CFPPA00399-D002_H_1.jpg&v=3&w=800&s=GWPJczK2_t3b8YWRRLkbVNqx&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
c4e2051aa1f885fad9d822d587c15dbc0b9d9b1092e7d0f5b3704d5978b02dc2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2591947
content-length
10306
expires
Sat, 14 Oct 2023 18:17:07 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdwf36e8a24%2Fimages%2FpreAH15%2FClaudie_CFPRO01221-K009_H_1.jpg&v=3&w=800&s=zacJI07W89EwrI5qcsRc-CDX&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
05e3ee484d9218df36cf506bf38524cf2b0cc5a264b999f73c05f67369a6c7f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
57648
expires
Mon, 02 Oct 2023 06:48:52 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdwe71b5652%2Fimages%2FpreAH15%2FClaudie_CFPCM00279-D010_H_1.jpg&v=3&w=800&s=Rp2ZW0Ic-ufbd-1hrR-cj_KZ&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0c661e7f23ac9a95df7a4502d2a9ca1991d7dca2ca78f3051fded813f52be0d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2591154
content-length
14144
expires
Sun, 01 Oct 2023 08:05:29 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdw300d80a4%2Fimages%2FpreAH15%2FClaudie_CFPVE00327-B003_H_1.jpg&v=3&w=800&s=Io7NUmiKpW_TIw-NZN8ge0pP&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
94e49db8cea4f83ff9e99691dd53d3d263fe81df263260530f3695c58e26d31a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2591230
content-length
48490
expires
Sat, 14 Oct 2023 07:22:24 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdw9cbe091c%2Fimages%2FpreAH15%2FClaudie_CFPRO01974-K007_H_1.jpg&v=3&w=800&s=ve7hAQb6cyjvtuhJLV5wUmxf&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
55db6082181e4c06b223c95c6d00d3d9e3c4209a1c84986a9174df191d087440
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2589905
content-length
24186
expires
Fri, 13 Oct 2023 16:14:33 GMT
img
imageproxy.eu.criteo.net/img/ Frame BEA8 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=55084&q=80&r=0&u=https%3A%2F%2Fde.claudiepierlot.com%2Fon%2Fdemandware.static%2F-%2FSites-claudie-catalog-master-H13%2Fdefault%2Fdwc16af6c0%2Fimages%2FpreAH15%2FClaudie_CFABI00126-L007_H_1.jpg&v=3&w=800&s=LqVqCK47nJnP7XA10OcHmm0D&b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a338579389359984e61301d6d35da25be4a831ab7fe46b257ff6d502896ad542
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=2592000
content-length
84006
expires
Thu, 05 Oct 2023 14:59:59 GMT
all
csm.eu.criteo.net/ Frame BEA8 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Rmbj6g-ettJpq_JJtDT3dV9_99gl7JZResyzFyUmB5FQcat23DlTa1GRlD2xJsZlAyi7NiWO8a4NFX2-cInTgNWd9UHSP8I1aZA7S8gJnZqqd926vY4IoAE5eyQJkz2Se_au3wE2-FKcGgZYJA-zgJ25wVdjFEB1kUKmypTkrGPOw11fjpokPN1x4EvouNkogDFNxob2Dkh9LvxtjV8O1_5RIglDGdbXMX26Uu91ZjJVTCOARiiKXHWaXdobzREgAaXEIA&sds=2&rev=88356&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame BEA8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Sep 2024 04:20:45 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame BEA8 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Sep 2024 04:20:45 GMT
/
track.adform.net/adfserve/ Frame 3758 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=63477641;rtbwp=0.0523-EJ_IZKIAq55oUbYqKknhMla6-2Mw39S00;rtbdata=0L1ZDbaSoQedTd0GZbZXOPsSqURZ8OZSjomTqSl4TT2ttMP3jKOsfmmTFnbExOITjrvt3_gbA9_NotpUPY8BrnNn_FiDNQAKI8Yu0fipInmDa04QQ_an43LOVWHVpGky2r6JLcaX_2Abz9RJntpJYx345yz3_Yw3FQLMVb2a6WhoRbD3iOdkLt6ZLIIHSytiE5zcbUUxXPuyUBkNx2AAzA2;;oobclicktrack=;js=1;adfxid=2x;3033;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cfec84c962f77539fb8d96d25c849df27b3ccede7e886d183d235b3c9522c65f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2240
expires
-1
hqlt4swdcmtw
hal9000.redintelligence.net/zone/ Frame 740C 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/hqlt4swdcmtw?subid=&gdpr=0&gdpr_consent=&rnd=67559&extVar[]=SSP:Magnite+DV%2b+Platform&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67239551%3Bcrtbwp%3DA3B4F555EEFA3632%3Bcrtbdata%3DkfkPQ_6tnM8XaMHxV2IFya-kHeLxSZqDLRSS-n0iNrW6Bn5Akp7xHTnIJIZjWBb2zdrzuO6I_lfDyeH4Lk7SGQJuNVU9xy4KDR_xlNuELWr_ybo1XlsabHuaXvd1Z5D8ikSyMY6XAlx9JGJvq8YnagNq94qtAs_uALqA4p0WcUclFTGzWmKMpo92d3By-GLz7TZYM-w18blWeC4aXvnX4hi1M2vhVm_PTRcTXNXaf9kexR5bUXfDEd_8XFAedtKw0khXRwdaSoE522vNtB8Sk8N-eG7y1UnI4UFuhV40q881%3Badfibeg%3D0%3Bcdata%3DvuLkJzT0l1OAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNV_ChdBvdDDJR83CZxtsPGiReIeMtFnicxZMkZo0lvpOROIa3grt1px9JGJvq8YnaibmXHPd0oZev5TdLk1z5oEbV946MqZx1YXDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTV-xGKFmUIVFYfa1hzU9rD0Pv8hP3tCzhnZzNUp5PILAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwheregoes.com%252ftrace%252f20234290838%252f%3BC%3D1%3Bcpdir%3D
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 Sindelfingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
a1345530debd90831e84a704862932626993c8cd5208f61269ffc6e7a979c9d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:45 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3367
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
/
track.adform.net/csimpr/ Frame 740C 		35 B
590 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=67239551&csi=kbOXhng83IS7DffbcQNocV_T9yu4lA8eWb5ZHblnhJTrygPkIxxfk0pUhYuQ_L2HrHSfl25-f2VDFlwDDl28LmQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://wheregoes.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame E444
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-__E0W8wBT8GBbnf3cbtUS0duKSw8EcGwZuQW2A&google_cm&google_hm=ay1fX0UwVzh3QlQ4R0JibmYzY2J0VVMwZHVLU3c4RWNHd...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-__E0W8wBT8GBbnf3cbtUS0duKSw8EcGwZuQW2A&google_gid=CAESEL72H-fj5gb4FCqy-U_tf2M&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-__E0W8wBT8GBbnf3cbtUS0duKSw8EcGwZuQW2A&google_gid=CAESEL72H-fj5gb4FCqy-U_tf2M&google_cver=1&google_ula=913071,0
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
568747
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:45 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-__E0W8wBT8GBbnf3cbtUS0duKSw8EcGwZuQW2A&google_gid=CAESEL72H-fj5gb4FCqy-U_tf2M&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame E444 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-sYUQ2MwBT8GBbnf3cbtUS0duKSwaGJUck9pIkg&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.36.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-36-161.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame E444
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4380659188768351338
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4380659188768351338
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1168109
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:45 GMT
an-x-request-uuid
645d2150-e5dd-45a9-af24-d5693196b264
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4380659188768351338
x-proxy-origin
217.114.218.20; 217.114.218.20; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame E444 		53 B
785 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-s8RlsMwBT8GBbnf3cbtUS0duKSw3FWbwwvES1Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sat, 16 Sep 2023 04:20:45 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Sat, 16 Sep 2023 04:20:45 GMT
tap.php
pixel.rubiconproject.com/ Frame E444 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-o4JZB8wBT8GBbnf3cbtUS0duKSwNeGjTEubXmw&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
aca6c52e983509e86b136a052e19be23
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame E444 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-_qcp-8wBT8GBbnf3cbtUS0duKSwzdalnOFinFA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.133.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-133-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
/
rtb-csync.smartadserver.com/redir/ Frame E444 		43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-SnUWLcwBT8GBbnf3cbtUS0duKSwaCUbxOmsglA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:44 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame E444 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-QzMCF8wBT8GBbnf3cbtUS0duKSx7g_rISNEZKA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25762
um
criteo-sync.teads.tv/ Frame E444 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-Kq-jd8wBT8GBbnf3cbtUS0duKSxvkc9esUKKAQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires
Sat, 16 Sep 2023 04:20:45 GMT
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:45 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame E444 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-62Ue-MwBT8GBbnf3cbtUS0duKSyM0io5BLovrA&dongle=013b
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame E444 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-IjtyJcwBT8GBbnf3cbtUS0duKSzzGXTaVftcIw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame E444 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-qYOsMMwBT8GBbnf3cbtUS0duKSxVjuyfuKS1_Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
last-modified
Fri, 28 Jul 2023 11:03:52 GMT
server
nginx
accept-ranges
bytes
etag
"64c3a098-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame E444 		49 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-OV_on8wBT8GBbnf3cbtUS0duKSxzvF00QqF45Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:44 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
7
content-length
49
expires
0
rum
r.casalemedia.com/ Frame E444
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XBSde8wBT8GBbnf3cbtUS0duKSxfT6EVefHD2A
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XBSde8wBT8GBbnf3cbtUS0duKSxfT6EVefHD2A&C=1
43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-XBSde8wBT8GBbnf3cbtUS0duKSxfT6EVefHD2A&C=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4RdXUiu9CVeijCf981u6ph2TtO96YLxJZTM47JsCB4NA0suPuMz6wgmhFEClNEnNU5Q9ZqcD0UKkqkGmbfY5s0f01E3P%2FjzkiBQ4gzLoGMkylblkN1WE%2F79GwTaL8t3Xu4R"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
807651995cff362d-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zv22onzV26ZArwHrGhgse4fkGri3bhSDsaNaKPnFbc4sQeg58jFBmORewciNN%2BSU1OKeN%2FLQGsRFM%2FiklVfWvGDuDZ6BmCXEia55QaM96B3DtjSEJ57yU4y2GFWsUK1Rz%2BhH"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-XBSde8wBT8GBbnf3cbtUS0duKSxfT6EVefHD2A&C=1
cache-control
no-cache
cf-ray
807651991caa362d-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
demconf.jpg
dpm.demdex.net/ Frame E444
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=XGqErJ6zzKZ0mSzXQJeF8-lpV5-s2K85
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=XGqErJ6zzKZ0mSzXQJeF8-lpV5-s2K85
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=XGqErJ6zzKZ0mSzXQJeF8-lpV5-s2K85
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
HTTP/1.1
Server
52.210.204.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-204-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-00c5a57fc.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
HiuNQikSSX8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v050-0db816301.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
F2CpWq5sRp4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=XGqErJ6zzKZ0mSzXQJeF8-lpV5-s2K85
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
match
ad.360yield.com/ Frame E444 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-hVp1zswBT8GBbnf3cbtUS0duKSxOh9xf26arPA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.48.217.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-217-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 16 Sep 2023 04:20:45 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame E444 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-jT3OMMwBT8GBbnf3cbtUS0duKSxGnJVbuwtWcg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame E444 		0
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-jLsS6swBT8GBbnf3cbtUS0duKSxz5vxrnVVKCw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.124.248.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-124-248-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame E444 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-_loNN8wBT8GBbnf3cbtUS0duKSyvREZls8HMlw&initiator=partner
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:45 GMT
Cache-Control
no-cache
X-TraceId
4b7c2c004df0a12f2d81e7be61b3c8e8
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame E444 		42 B
578 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-aGThlswBT8GBbnf3cbtUS0duKSzNFOfazupk7w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:45 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame E444 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-xd02d8wBT8GBbnf3cbtUS0duKSyksTBLyNU1uA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:68e0:e587:d65a:6262 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Sat, 16 Sep 2023 04:20:45 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame E444 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-uCnIvMwBT8GBbnf3cbtUS0duKSweKb-jiUGODg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 16 Sep 2023 04:20:45 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame E444 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-8C9kx8wBT8GBbnf3cbtUS0duKSxnia6vcBduQw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:45 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Fri, 15 Sep 2023 04:20:45 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame E444 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-wUlEH8wBT8GBbnf3cbtUS0duKSwYJgDY4dZxjA&pn_id=criteo&ext=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.244.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-244-27.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
content-length
0
put
e1.emxdgt.com/ Frame E444 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-vjNjEMwBT8GBbnf3cbtUS0duKSy298GrepAkdg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.123.197.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-197-153.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
server
awselb/2.0
oswald-400.css
static.criteo.net/design/googlefont/oswald/ Frame BEA8 		2 KB
800 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/oswald/oswald-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0b8a1d9d8eed5af68ed7ce830f43968deefcaa01a3a2fa146b156cc01f6e4a98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f083-639"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Sep 2024 04:20:45 GMT
roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame BEA8 		2 KB
841 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Sep 2024 04:20:45 GMT
roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame BEA8 		2 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-807"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Sep 2024 04:20:45 GMT
ThirdParty
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ Frame 740C 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:types/ThirdParty
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c6d8f1bb211f1cc56c2d65ef97b49e27407c581b9d030be87ed80788634b269a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:23 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:04 GMT
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ Frame 3758 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=8128488
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2023 16:20:24 GMT
Server
nginx
ETag
W/"64c7df48-22bf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Sat, 16 Sep 2023 05:20:45 GMT
oswald-400-latin.woff2
static.criteo.net/design/googlefont/oswald/ Frame BEA8 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/oswald/oswald-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/oswald/oswald-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f36c7d76fdd5fe543f05e07db9ef6c2f3010bed4ab9960b6af9af269d75ecfaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/oswald/oswald-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f083-2670"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Sep 2024 04:20:45 GMT
roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame BEA8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:19 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13b-3d80"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Sep 2024 04:20:45 GMT
roboto-700-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame BEA8 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/roboto/roboto-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/roboto/roboto-700.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:14:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f13d-3df4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 10 Sep 2024 04:20:45 GMT
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/ Frame 3758 		86 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b117604cee9ddb73346c9f5a89d3dd2ac813ebf1c78fd8879e611c820c755bb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:23 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:03 GMT
sync
ups.analytics.yahoo.com/ups/58301/ Frame E444 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=0&redir=true&uid=k-IjtyJcwBT8GBbnf3cbtUS0duKSzzGXTaVftcIw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
ib.adnxs.com/ Frame E444 		43 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-2FPVBMwBT8GBbnf3cbtUS0duKSxu4v11kGj8sQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:45 GMT
an-x-request-uuid
8ec2728c-e9e5-4969-9fce-a69de9083eea
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.20; 217.114.218.20; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
request.php
hal900015.redintelligence.net/ Frame 740C
Redirect Chain
  • https://hal900015.redintelligence.net/request.php?zone=hqlt4swdcmtw&nw=20&renderingType=javascript&namespace=8cc8bc81bf&subid=&uid=69b5624a10a88d6c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900015.redintelligence.net/request.php?zone=hqlt4swdcmtw&nw=20&renderingType=javascript&namespace=8cc8bc81bf&subid=&uid=69b5624a10a88d6c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
611 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request.php?zone=hqlt4swdcmtw&nw=20&renderingType=javascript&namespace=8cc8bc81bf&subid=&uid=69b5624a10a88d6c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=SSP%3AMagnite%20DV%2B%20Platform&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67239551%3Bcrtbwp%3DA3B4F555EEFA3632%3Bcrtbdata%3DkfkPQ_6tnM8XaMHxV2IFya-kHeLxSZqDLRSS-n0iNrW6Bn5Akp7xHTnIJIZjWBb2zdrzuO6I_lfDyeH4Lk7SGQJuNVU9xy4KDR_xlNuELWr_ybo1XlsabHuaXvd1Z5D8ikSyMY6XAlx9JGJvq8YnagNq94qtAs_uALqA4p0WcUclFTGzWmKMpo92d3By-GLz7TZYM-w18blWeC4aXvnX4hi1M2vhVm_PTRcTXNXaf9kexR5bUXfDEd_8XFAedtKw0khXRwdaSoE522vNtB8Sk8N-eG7y1UnI4UFuhV40q881%3Badfibeg%3D0%3Bcdata%3DvuLkJzT0l1OAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNV_ChdBvdDDJR83CZxtsPGiReIeMtFnicxZMkZo0lvpOROIa3grt1px9JGJvq8YnaibmXHPd0oZev5TdLk1z5oEbV946MqZx1YXDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTV-xGKFmUIVFYfa1hzU9rD0Pv8hP3tCzhnZzNUp5PILAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwheregoes.com%252ftrace%252f20234290838%252f%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&ancestorOrigins=https%3A%2F%2Fwheregoes.com&random=1310973791603&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
a2c1629f9030c07ff27b3e2fb5bec958cb01972c4b54e21244ee572f3d5fb8c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:45 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
40256400009887409150649012449015
Connection
close
Content-Length
330
Expires
Sat, 16 Sep 2023 05:20:45 +0200

Redirect headers

Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:45 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=hqlt4swdcmtw&nw=20&renderingType=javascript&namespace=8cc8bc81bf&subid=&uid=69b5624a10a88d6c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=SSP%3AMagnite%20DV%2B%20Platform&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67239551%3Bcrtbwp%3DA3B4F555EEFA3632%3Bcrtbdata%3DkfkPQ_6tnM8XaMHxV2IFya-kHeLxSZqDLRSS-n0iNrW6Bn5Akp7xHTnIJIZjWBb2zdrzuO6I_lfDyeH4Lk7SGQJuNVU9xy4KDR_xlNuELWr_ybo1XlsabHuaXvd1Z5D8ikSyMY6XAlx9JGJvq8YnagNq94qtAs_uALqA4p0WcUclFTGzWmKMpo92d3By-GLz7TZYM-w18blWeC4aXvnX4hi1M2vhVm_PTRcTXNXaf9kexR5bUXfDEd_8XFAedtKw0khXRwdaSoE522vNtB8Sk8N-eG7y1UnI4UFuhV40q881%3Badfibeg%3D0%3Bcdata%3DvuLkJzT0l1OAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNV_ChdBvdDDJR83CZxtsPGiReIeMtFnicxZMkZo0lvpOROIa3grt1px9JGJvq8YnaibmXHPd0oZev5TdLk1z5oEbV946MqZx1YXDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTV-xGKFmUIVFYfa1hzU9rD0Pv8hP3tCzhnZzNUp5PILAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwheregoes.com%252ftrace%252f20234290838%252f%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&ancestorOrigins=https%3A%2F%2Fwheregoes.com&random=1310973791603&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Sat, 16 Sep 2023 05:20:45 +0200
/
track.adform.net/csimpr/ Frame 3758 		35 B
590 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=63477641&csi=Sqb-8hmhZ50GFkoPXlVtd3AXNU0Ol4PIqfQJAEKao-0JDwKV3Zer3EpUhYuQ_L2HEJiPNg7_QlIxdq1UVxmztWQBbo50IEXs0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://wheregoes.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
58157791.png
s1.adform.net/Banners/58157791/ Frame 3758 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/58157791/58157791.png?bv=1
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c90dc4c988e0140b81f06aa8fe4ed755d1325363d3e4e72815236a6f49084312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:23 GMT
last-modified
Mon, 17 Apr 2023 13:00:46 GMT
server
nginx
x-amz-request-id
tx00000a6cd0dc02551f1c8-006504d498-32959ea8-default
etag
"85c79942cea37fec57f8de69c2b560ee"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
23982
view
securepubads.g.doubleclick.net/pcs/ Frame DDE2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJZdX1Snd2OtY7jhzWkC1RzzGYPOpllj_NPkeZRXkejXdZx9G-xRqFSFGA3cc4XX3RwwBbziFjTamvQENGzaaC8XxTyGmNpdzhxUDEjIz9NE01f1rrk-A95nQlsCdapjtxGrn2NOdnwSQns2Nm2iCs-jfEr8M9-z6qo48oJ-1Aj1p5skdVsTwM2PaHBkn3f4Qg6xkEiv2c5F7of5v-QC62zZrl38qZueVyKi1KE2Y0KWkf2iR-U-lRyiA_g1G41k6rSBN4pc2DDUZAEjqokb_RDWdSUQ1ci9j1hOYRN34NgkfneItf7lVoSr1NGQZpLK40vioJZjoHJYaTpznCj04dWLpqw8vBP-vhAyb9TX0h&sai=AMfl-YTUp4Tbyy6V-0M3wYNdUjdi5aHI-iUOPOsgvojlO92VrXHU3iq0PKHdTYGR14ZKE61wQ3ieAOBtIBdL0vCA_AvTxNnk7EwlYT1Zhq_oQcnmOjo8Y8TvOA9Ch8YbBFQOb0y9RKDuvfYiqwnUkb8&sig=Cg0ArKJSzKvOX5KGPJZ-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Sep 2023 04:20:45 GMT
truncated
/ Frame DDE2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
357cd27ea987a15d49dee9ca6c14a4ccce78ba1fd18ae1fa944f16e965771a5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 3758 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
702b400f7d1227c5650a52afe52889f0e362ee0819d71819e466b12743e8d785

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 3758 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstqj50OubGh5m19LbtQ1zkjbUjwPAr_01wyYjLu3Lc_8XhY01mS3WW0bbFu_OCKTdz4in2l7GuS1ZqOSjqYgIuGRpxPY6sPHUTd7_3X__NOrJkUxAaRHTK_LmoAkcBAJquuaWNG4gvx9qm_p0yj3j01TXfazZsjZ4iXWRWy_MqFNM_sJ2LpdjEl6SZpVwu-fGfmMqYOah2Pna_5PwwIKzMkWnBLLwl-9FK5BEbZY0ZlLfaq72SFH14ubx0u5E-hZs6X58T6hJ1maW48d0DjDNApLr4Hb4VkP1w7MAuwKvym1UNA2uuH-gLTM479K6wsZv1CFvSgqFtHRoaH5HxjLf3zRpUC0SDvGHY&sai=AMfl-YRc65CISNlOcRENLaR_vv_R14TE8PnaW0AOFncX307losrQ3pr2tQgGgwxxx_01pMGXRBohRUE1C5YIgjv4xRG5dgQIkPZly_f-ftAQ7-L4VFG0BaqYmK5sqxXgFzGAM8NszCUcli801PzNt2U&sig=Cg0ArKJSzGACz1kV-j_wEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Sep 2023 04:20:45 GMT
beacon
ce.lijit.com/ Frame 8393 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=8128488&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=8128488
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sat, 16 Sep 2023 04:20:45 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
usermatch.gif
beacon.krxd.net/ Frame E444
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=5l0NaF4BSImZJ4dUN399lwrc4Knm4eU_
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=5l0NaF4BSImZJ4dUN399lwrc4Knm4eU_
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Server
18.203.183.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-183-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-served-by
beacon-n022-dub-prod.krxd.net
date
Sat, 16 Sep 2023 04:20:45 GMT
cache-control
private, no-cache, no-store
x-request-time
D=43 t=1694838045
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=5l0NaF4BSImZJ4dUN399lwrc4Knm4eU_
date
Sat, 16 Sep 2023 04:20:44 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
806500
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309130101&jk=2016699352838929&bg=!oqGloe7NAAbP3fMH7907ADQBe5WfOHfORGCKTxSbjisxAROdrdo2LDssvBTnb3P4ygg5EtInD7cnhaBFSKOlnkRaRHtkAgAAAQpSAAAAC2gBBwoAVbdmg_ilD6WVFfm7GKqr32jXytS78jJom3M-pTF8VBC-VbXBsKRLk8KKMTvu5A56-a2eztlviyOd4uL26UWXnhsLOCBhlfWCYVBYubQpGz8Ujgfm8t2ZAtcOGB7QJbpwC01oLMoy4txSyEEB3IaRk75IgmkAzGDOudVOVLN3GVkTVBKrvq7abmW8gtYcGyUzlwc3PkTa-bca3OdR2by0jm0Oh56lIRi8UGfG7i25Pbq_kXXzBY8VYZs6a3gDY3csuSMFtoy48xPvECv5f59n5LmykvKb2bVULqRORy1mfgY6AEWyuBkkLWzZma0uXvYsNyIpCklpZB5v5ru5CbZvL-GjP5iRGsGuSXJkxniJIOxjGWolFU9BiVgz_uPX0q6-8iiRQ_C0J-Eqfz4wHQfrKf-QWzHx_4Bxtb-DmJ6jCP6Pq2I0yyZ83Sekn2-xEhTkkASwG3LW9ZLwnZ2crzxBkjyCvsOtb-sY0Eo9bob45kBdfICHZTD06G1KAAUzGCKrzxFQ_LT-f76YLGd5LJ62YxFaa40FdNfSJd2r7-UoEinbNDBJzjvmnYRw54O3hpXRKM8DLeuJ0th9YbLTlMEgawb40e4vhZrPuNhDpHoBLX9EtKpbdsYhiwWxEvkST_cXUPqdmWHW7BwFhCuCMDWPERSTtl4RRiS2NCFciTBl3K23phETH9AgPenJPT0LXVvIktW_1JL1dmWIyEbuhmETYEZZZHMNpMAJWNQI_Zb7xjPOrlBdSTCJ-w-FTCgHogKI94K7hh_X88g1TgaBCRnojpUkkjSgJa4T_VSDBPPwrCF8QIj8Fn59l9bbaanOoVwAPCnT-yvntL2KjfBgSVw2YXOG5ThgQn96fAYev19_xHeXbJ6gR_n2rpHEGJZIIVgcKAI099e75xVI4EIvj7Z1ttV02SbUcv3u4xKSnRJxnlSypDWEm0xkIjVGsaPISF7z16fnKtYW2yhGgpQXuwP2gNVMuJpTtLKj2WrZdXUMj1pFQEaqZlqzVwbW1_Sbxfbt4AB-2PyEmZr4kWsNz_NypKd6CCZnb0fVHtuuE7PRVPNAIBmcoSMdHJJy7wo_FteI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers
cs
s.thebrighttag.com/ Frame E444
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ZSaAERTo4gBrpCI9FYpAoaUhgSemuH16
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ZSaAERTo4gBrpCI9FYpAoaUhgSemuH16
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=24649CB0EDF8BC90&u=%7CKgryy%2FsL6r9qGFHQZBdY1ud9KO%2FjtSMdjIwBIOw%2B6ss%3D%7C&c1=zhOks3zwNR3WrnLxo3t3vWn9IBQRVisEB-0vsT4c333TeQhbdouKrurZenDE6j0DhcWv6pJbssDdTBVRVJ6lRKBdbpGHDqNl_fwp-ENQO7SfuSUAq1rArR1kJKF2rCKhvEXIbxMxxI_2fW4-hri0Km1o8haXmuM6Pl6XvgnCZgut_RCOJ6sGukLaoRyBjjRIXRKBaenXUROz5tSi2xRyLtcEXkoJvefwxmzHushRBlIUkSLimT4OCr6FWRudG8824Em4JIMLwVZ1a1oGiig2C_OAKZJP-IEdc0lnjPM6h3bvh_Os_3_ZYAl9SnoTf_qrVkdfW_VOYk5jR0ouvYg8QOyL9TQJ5oiZfoF1M4_ri0UtnHGjqJjS7KR_r5827J9RyvenqA4aahg4CcKVMZZsBmQtGLAsJtEHcag950SRooxj22S1oAxm-GsTkry4OSc26yr8-bZa75mGYevUDQ6Z5qQ0ku-sbC80BoXpevwbO8FzZ0XkcDoVbF-kHWqC9DTNe8Q2dTnqbY-9MDYUoj8NNIL070BO4qqHaNyQoDzRBVL_gKLqtLgjuT1SGMhty8IXnPC5w-UUG2szK_8IvdA-nDn2fwxjubvj1LGsFQ-g1Cuijt8fsKJ3PFW1DImv9b2ZsEd4Xn6ltUbUm8w9Gjsi9xQ7KVT071HdsQGZX9LjPzzUZva80HWcUu-j71drwXwMf5kM7BsHhBprPcXqQR-LijuPgMffKI38qAXPKsWuppI
Protocol
H2
Server
18.223.127.73 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-127-73.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:46 GMT
x-bt-requestid
6870b760-5448-11ee-b5ae-0000ac170286
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=ZSaAERTo4gBrpCI9FYpAoaUhgSemuH16
date
Sat, 16 Sep 2023 04:20:45 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
885052
content-length
0
request_content.php
hal900015.redintelligence.net/ Frame A0CD 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/request_content.php?s=40256400009887409150649012449015&a=cc09cc0f
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request.php?zone=hqlt4swdcmtw&nw=20&renderingType=javascript&namespace=8cc8bc81bf&subid=&uid=69b5624a10a88d6c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=SSP%3AMagnite%20DV%2B%20Platform&envData=&gdpr=0&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Ftrack.adform.net%2FC%2F%3Fbn%3D67239551%3Bcrtbwp%3DA3B4F555EEFA3632%3Bcrtbdata%3DkfkPQ_6tnM8XaMHxV2IFya-kHeLxSZqDLRSS-n0iNrW6Bn5Akp7xHTnIJIZjWBb2zdrzuO6I_lfDyeH4Lk7SGQJuNVU9xy4KDR_xlNuELWr_ybo1XlsabHuaXvd1Z5D8ikSyMY6XAlx9JGJvq8YnagNq94qtAs_uALqA4p0WcUclFTGzWmKMpo92d3By-GLz7TZYM-w18blWeC4aXvnX4hi1M2vhVm_PTRcTXNXaf9kexR5bUXfDEd_8XFAedtKw0khXRwdaSoE522vNtB8Sk8N-eG7y1UnI4UFuhV40q881%3Badfibeg%3D0%3Bcdata%3DvuLkJzT0l1OAT8X2gQSh59DqhE_nZ0WCLZLWzTcUD2M_wcsm_AGm4rFFvym3DnMtLY-gb51sNQzW9lobPW-VNV_ChdBvdDDJR83CZxtsPGiReIeMtFnicxZMkZo0lvpOROIa3grt1px9JGJvq8YnaibmXHPd0oZev5TdLk1z5oEbV946MqZx1YXDEbzWWblEHQbaPjk54uN7bdp-DsExYsX4De8FoXoTV-xGKFmUIVFYfa1hzU9rD0Pv8hP3tCzhnZzNUp5PILAYaZwUZL295WT0lQkXAT8x0%3B%3BCREFURL%3Dhttps%253a%252f%252fwheregoes.com%252ftrace%252f20234290838%252f%3BC%3D1%3Bcpdir%3D&documentReferer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&ancestorOrigins=https%3A%2F%2Fwheregoes.com&random=1310973791603&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
59b2d4451bd86f17f029d927e5590c794f5f607eb3cde1e1a05730a8b9b36d2d

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1504
Content-Type
text/html; charset=utf-8
Date
Sat, 16 Sep 2023 04:20:45 GMT
Expires
Sat, 16 Sep 2023 05:20:45 +0200
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0021 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 16 Sep 2023 04:20:45 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ Frame 740C 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=8128488
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:45 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2023 16:20:24 GMT
Server
nginx
ETag
W/"64c7df48-22bf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Sat, 16 Sep 2023 05:20:45 GMT
jload
pixel.adsafeprotected.com/ Frame 740C 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=5032&pubId=buysellads&chanId=995484
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.146.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-146-58.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5ff73fe6f7e963b7135365d3a16efe8b55f9cf3eb11b9d52f86da81659645b24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 740C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaA1pl4K4Z1r59Z6L5UsuH3H4lZrNev4Xi0Lj0CMHkzY9gEKSyH6Mv35Sd5GdtiCRQLqAnuc3xIUBhTsLtiIkpw31BBJ2A5xJyOTgOPdrmG59MhY8wzgjpKq_AfY2ZsNFDBZ2xQ1sD55LtDsKmhDo_aLsnTpOKcsJeekMWEyvIoKoAyoaRRP5Agb2Ypa7N07IqMaBdebYJNZ5LebqylRtJpVrD2_fKK90UlwalO7klAw7D6iUlR4yc1X2E1mi9HOK2zz2OQajDiS8VrQhxOhwfBARpi2bNIUjslxLbLd8ScMEQFwgtp1eD1cpXgfeOZFn63k56dtjrx-WQMqYS3fA8oEptY8ReAo0bn2s&sai=AMfl-YSFo76ojKs0eHceyZqNGiCaJwcDUegDF5N-CNTCGruPtiv_Q6DyaLY8Ix3AhjePyxMvLlBPrVyTVq9wKRb1b6DoWnZXbhrpL3C86zpGFIjB0l2HM8FB7wl3DCSwgNsF5J6rAJINop9hQ98_hks&sig=Cg0ArKJSzPoqOCzAhcMpEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Sep 2023 04:20:45 GMT
truncated
/ Frame 740C 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe90504915b170b3288816c9db44f14efdf6c636b696cb5af669e6bfc2e74516

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 0021 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f27d2c5f66b94230e004d6c66655d01a1cd15174edb43a04feced5daf4d5315f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:45 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:37:22 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40578
Connection
keep-alive
Content-Length
10521
Expires
Sat, 16 Sep 2023 15:37:03 GMT
/
track.adform.net/adfscript/ Frame A0CD 		727 B
962 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=67114533;click=https://hal900015.redintelligence.net/c/pn7bwgw2rbamcwf?tprd=
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=40256400009887409150649012449015&a=cc09cc0f
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
42a08a20d3a171ead1fea8a5d065b784974d5634f13ab2125b3568a54ef89f50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
525
expires
-1
viewability
hal900015.redintelligence.net/ Frame A0CD 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/viewability?s=40256400009887409150649012449015&a=5c46b716&vb=m
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=40256400009887409150649012449015&a=cc09cc0f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/request_content.php?s=40256400009887409150649012449015&a=cc09cc0f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:45 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame A0CD 		36 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=67114533;click=https://hal900015.redintelligence.net/c/pn7bwgw2rbamcwf?tprd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:02 GMT
/
track.adform.net/adfserve/ Frame A0CD 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=67114533;click=https://hal900015.redintelligence.net/c/pn7bwgw2rbamcwf?tprd=;js=1;adfxid=1x;5676;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Fwheregoes.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9e07e9e6737d3ca7929abfbb378d8d448ba21f5587f7ce66ffaec0037a83d96a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1952
expires
-1
rp
match.prod.bidr.io/cookie-sync/ Frame 0021 		43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.219.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-219-162.eu-west-1.compute.amazonaws.com
Software
gunicorn /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:46 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
content-type
image/gif
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/58160/ Frame 0021
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LMLIT8GW-5-92YU&redir=true
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LMLIT8GW-5-92YU&redir=true
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:46 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Location
https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LMLIT8GW-5-92YU&redir=true
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b71bced807741b20dd93dce6c2d26405
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
check
pixel.tapad.com/idsync/ex/receive/ Frame 0021
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LMLIT8GW-5-92YU
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LMLIT8GW-5-92YU
95 B
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LMLIT8GW-5-92YU
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Sat, 16 Sep 2023 04:20:46 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LMLIT8GW-5-92YU
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 0021 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0021
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4bd2efee-924f-4a80-8826-c23103e701ea&expires=30
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4bd2efee-924f-4a80-8826-c23103e701ea&expires=30
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
aca6c52e983509e86b136a052e19be23
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=4bd2efee-924f-4a80-8826-c23103e701ea&expires=30
Date
Sat, 16 Sep 2023 04:20:46 GMT
Connection
keep-alive
X-CI-RTID
09864f65-f442-4d1d-a87e-1cb541239cf4
Content-Length
144
Content-Type
text/html; charset=utf-8
sync.php
pixel.rubiconproject.com/exchange/ Frame 0021 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
aca6c52e983509e86b136a052e19be23
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0021
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=14
  • https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=HdJPhCxZWpBi3zdayk0nmdly2hQ
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=HdJPhCxZWpBi3zdayk0nmdly2hQ
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=731524&nid=3858&put=HdJPhCxZWpBi3zdayk0nmdly2hQ
Date
Sat, 16 Sep 2023 04:20:46 GMT
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
cookiesync
bttrack.com/pixel/ Frame 0021 		35 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.132.33.69 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
69.bidtellect.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-servername
Track003-iad
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:26 GMT
strict-transport-security
max-age=31536000;
content-type
image/gif
cache-control
private,no-cache
content-length
35
expires
-1
truncated
/ Frame A0CD 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
main.19.8.439.js
static.adsafeprotected.com/ Frame 740C 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=5032&pubId=buysellads&chanId=995484
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:42:57 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
3249470
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
J5qez45S4CQ9RGVshDkBX5-jgAzGQ0VFsyCpHvMp4WlZ6QBqTv4dVA==
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame A0CD 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
content-encoding
gzip
last-modified
Thu, 15 Jun 2023 10:58:46 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 24 Aug 2023 15:08:03 GMT
/
track.adform.net/csimpr/ Frame A0CD 		35 B
601 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=67114533&csi=q-pKa4RiauK5FR93cvDYoG11dxQBLdp0_uiII2Fkg3gJDwKV3Zer3EpUhYuQ_L2HqBjbZ-CvdSMl8cas6DNb3t6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900015.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900015.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
sca.17.6.2.js
static.adsafeprotected.com/ Frame F927 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:2e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 08 Jun 2023 21:19:49 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
8578858
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
_R_0g_owl1AphZA5kkuGK-HdaC0LyPa1rTQSOaDah07E_djuM5-3Ng==
mon
pixel.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=5032&pubId=buysellads&chanId=995484&adsafe_url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20234290838%2F&adsafe_type=abedq&adsafe_url=https%3A%2F%2Fwheregoes.com%2F&adsafe_type=f&adsafe_jsinfo=,id:a1544ac2-5720-3853-8768-1d83a37146f5,c:olSmeg,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-797d947f74-gtzsj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:436.440.728.90,am:i,cc:436.440.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:136,mot:0,app:0,maw:0,fm:tPZtIEJ+11%7C12%7C13%7C14%7C15*.5032%7C1511%7C152%7C161%7C17111%7C172%7C18,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:152,oid:685233a3-5448-11ee-a5b5-2eea9eda239b,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.146.58 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-146-58.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:46 GMT
server
nginx
x-server-name
app01.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
13350674.js
s1.adform.net/Banners/Elements/Files/160090/13350674/ Frame 19A2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/13350674.js?ADFassetID=13350674&bv=258
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20234290838/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
80a0cdfaa20288404accf54ea26023aae96afebfa31ee2286b68a243cf8ae625

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx000009149994da8bb5978-0064f7a547-3295f883-default
etag
W/"a5a8c4a69032478aff9c8dff0b41b2ea"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=5032&asId=a1544ac2-5720-3853-8768-1d83a37146f5&tv=%7Bc:olSmeD,pingTime:0,time:174,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:151%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:174,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:151,wc:0.0.1600.1200,ac:436.440.728.90,am:i,cc:436.440.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B35~100%5D,as:%5B35~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tPZtIEJ+11%7C12%7C13%7C14%7C15*.5032%7C1511%7C152%7C161%7C17111%7C172%7C18,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:152%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:46cd:d9d2:4aa:c72b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:46 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
beacon
ce.lijit.com/ Frame 8B11 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon?informer=8128488&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=8128488
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sat, 16 Sep 2023 04:20:46 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap7ams1
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=5032&asId=a1544ac2-5720-3853-8768-1d83a37146f5&tv=%7Bc:olSmeN,pingTime:-2,time:184,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:1248,bdZ:1440,beA:1441,beZ:1442,mfA:1578,cmA:1579,inA:1579,inZ:1583,prA:1583,prZ:1587,si:1593,poA:1594,poZ:1609,cmZ:1609,mfZ:1609,loA:1618,loZ:1620,ltA:1625,ltZ:1625,mdA:1443,mdZ:1543%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.108,dom:body%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:151%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:184,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:151,wc:0.0.1600.1200,ac:436.440.728.90,am:i,cc:436.440.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B45~100%5D,as:%5B45~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tPZtIEJ+11%7C12%7C13%7C14%7C15*.5032%7C1511%7C152%7C161%7C17111%7C172%7C18,idMap:15*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:152,slid:%5Bgoogle_ads_iframe_/8691100/Wheregoes_S2S_Leaderboard_ATF_ROS_0,google_ads_iframe_/8691100/Wheregoes_S2S_Leaderboard_ATF_ROS_0__container__,bsa-zone_1641228026595-4_123456%5D,sinceFw:30,readyFired:true%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:46cd:d9d2:4aa:c72b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:46 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
screen.css
s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/ Frame 19A2 		1 KB
954 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a16b1c8e343db66aca819f0d4a5ef65ab1cb03866b669d70859eef3cc09c53b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx000007228170e8364d307-0064f7a547-32959e94-default
etag
W/"b65281aba44079c398fd1bb61e127021"
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 19A2 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=630
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx0000015bdd5c9ed468257-0063765d71-32940f80-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
introfill.png
s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/ Frame 19A2 		103 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
633fb6fc9eac2448a9c6364dd9280446722fd2f97d57b478296cf93241c6f254

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx0000007b74366827738b1-0064f7a547-32959e94-default
etag
"a720bb53aaae90afb9b901ded31b4adc"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
103
text0.png
s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/ Frame 19A2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/text0.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b144c61299dab14dbdb4a37256d24eed0f0e589c58f2355c4edc80e455cd5ae4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx00000e3b20c9f6df0bea6-0064f7a547-32959e94-default
etag
"257d886e6f72c5d7c22c12447035ec30"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3207
text1.png
s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/ Frame 19A2 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
478fb79449576f5029971ec28cf9a3a0e95390532c44097880a76ac5a121a68f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx000009da42ea895586518-0064f7a547-329552a5-default
etag
"3cd0545dffbb275ce029dd3a1f4296a2"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4378
text2.png
s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/ Frame 19A2 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/text2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
be03c670531102ab7b80344b9398898dde6f284b9cb8e84e8a2569b029555ec2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx0000042a2b94687d9ecd3-0064f7a547-32959ea8-default
etag
"ac59458b1e1f59a3163b5c26f68125cb"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6322
stoerer.png
s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/ Frame 19A2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/stoerer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a132f16dea366dcce956b290ade0a3980fd04edf5f44e6dc74ce63d292fab7d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx0000031e8a3dd791a6d04-0064f7a547-3295f883-default
etag
"c17e66c91f6fe42559aa6531bc85f6c0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3906
disclaimer.png
s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/ Frame 19A2 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
ff2bab9d0d3f5679fa7864b03d61c4386056d106003d3b2e07d66062eb8aa7ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx000006067d353ff28bd69-0064f7a547-329552a5-default
etag
"15ceec80ccff1c84dc439d85579f3a0a"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4187
date.png
s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/ Frame 19A2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d7c65c8d0a56eb7b29edbb54b59ac57d88f821dd2c423ba7f5133e2685568e7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx00000ee4bf40bbfda3463-0064f7a547-32959ea8-default
etag
"6cf57cc82942f1031dc74763a4b16ef8"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1694
cta.png
s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/ Frame 19A2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/cta.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9a9350aa8e6bf4d9b69e0cef79f1fd74dc2c35c3e8906f81242982ebab2e7cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx00000a5e2f5cd9765ed3f-0064f7a547-3295f919-default
etag
"1ee001543629d661ff95e19e780c7e96"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2733
logostart.png
s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/ Frame 19A2 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/logostart.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a333394f451dfdea52bd13a18ea4390e128bf71686b93d0cc00d8b6b486b6533

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx00000a6e3c9c4ce1a98ac-0064f7a547-32959e94-default
etag
"aabd6206e7fbcc6c582be0f35580a8a5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2631
logosmall.png
s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/ Frame 19A2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/logosmall.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e67c428bfa187ecbca4fa7acff23c00662cb87b178171eb5f3d4f7714fb9449e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx00000f6947b9c42309fcd-0064f7a547-3295f883-default
etag
"d16feb7f43a3871e2532a264225f1e43"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2013
model.jpg
s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/ Frame 19A2 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
725a098f7894b715a53fb9f72ca66a11fcd0e63019c4aea06321ccddb31a25db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx00000a1bc1a7301eb3154-0064f7a547-329552a5-default
etag
"3f60ab4f16aca216bf12b623efac6f04"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
5469
background.jpg
s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/ Frame 19A2 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/background.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
6d9d474af69f92fa56800d2b609676e225d16ab91b7b1be34ab5cb26c03d2799

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx00000abc3768e2c2dac6b-0064f7a547-32959ea8-default
etag
"6ea4eb4e67b9a0610e4aadbc9a628dc6"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
4844
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 19A2 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
946154
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13668
last-modified
Thu, 22 Jun 2023 11:03:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a86-3564"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UTT7jXzG1vilNgjVsPorWvycZOvs5Sbw%2F2H7s%2FfsFLQvYnMepSIIhQgb%2FMt3V88OOuLY62pAeta0L0EKwps5i60YNaUKVfx8D9IqnT8aGSBmRJk10jj7Xzhv3Stb%2FIdb%2BWTHuFRyShbIBwIs%2Fm2ExdO"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8076519d0c003a9c-FRA
expires
Thu, 05 Sep 2024 04:20:46 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 19A2 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9932014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fhmp07GCZDambIifv6%2BdYzYO1gWRJcDVdO5aIZ5YaMsfzSAvYZ5uMd%2B8zoiR0MVXcHHqhrsxqtaMI3i7ZldT0yaPtpSrmWcMZ5vlyW315SBHpdMksU5VcTOi9qLlLzkaqzmsZiQWgiXYfSVs0cmouKCz"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8076519d0c023a9c-FRA
expires
Thu, 05 Sep 2024 04:20:46 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 19A2 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
877612
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8578
last-modified
Thu, 22 Jun 2023 11:03:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a86-2182"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgifDsaFyzS%2BFPBns%2Bpd3x8BoK2z2Mrf2J%2BV4xNo3fAM30l3BfROKO9U%2FeLr%2BCCVvAJJ7Eob9wGjlog0ZoVcBEovJ%2FCudkcMZZWgAyrahLJzRYJKIAvQ3zDqdnRqsCfXU1i8lCgNq5NG8ED%2B0OEiZ7%2Bx"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8076519d0c033a9c-FRA
expires
Thu, 05 Sep 2024 04:20:46 GMT
script.js
s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/ Frame 19A2 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/13350674/bvpath_258/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.233/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
86dbc63d81fb93a0ede58136d7200a006dc8ca3f7a59732fe7bbed691a5e9d5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:24 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 10:36:26 GMT
server
nginx
x-amz-request-id
tx00000fcc2a6ccaba2f3a9-0064f7a547-329552a5-default
etag
W/"95d960e926fa62026d5e3406a0acd037"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=5032&asId=a1544ac2-5720-3853-8768-1d83a37146f5&tv=%7Bc:olSmjv,pingTime:-10,time:476,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC42MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1694838046512%7C%7C9c73921e2cfc9c287c49da6c5dc63888%7C%7C2e6de925b83fb1ba2705210ba8c28c4b%7C%7Cd7fb2c6fac9262580e57565809fb0743%7C%7C5541110b6f3b78b081dd702b16e9602f%7C%7Cd7f4da7a29ec2635f55797d242a87ff6%7C%7Cf9576b51dc18f35a272e916c2fe8ba2a%7C%7C2b3e4c9b5e3dfa205c4d4bfae12db26e%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:46cd:d9d2:4aa:c72b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:46 GMT
server
nginx
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 3758 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstlKK8b3vBwGdEr-CzjTTRBJi7mQHCOnG2onPdVGqvrQ4YGo63fXuEM35nEgKUvJv0YaMYk_mvZJSUpMYf2sbzAee9upN-V7DLqijGx3VLMmtYv528efQqc1hFLtzSX&sig=Cg0ArKJSzMBSJeRNfGqwEAE&id=lidar2&mcvt=1000&p=666,1091,933,1391&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=0.94&vu=1&app=0&itpl=19&adk=2861055222&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694838044611&rpt=958&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:20:46 GMT
syncframe
gum.criteo.com/ Frame 3B1B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wheregoes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 04:20:45 GMT
server
Kestrel
server-processing-duration-in-ticks
689253
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:46 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 17 Sep 2023 04:20:46 GMT
sid
mug.criteo.com/ Frame 3B1B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=wheregoes.com&sn=ChromeSyncframe&so=3&topUrl=wheregoes.com&bundle=zCm86V9JRkNNbXBPZHNyZ0NURFR6a2l0V0RBOFJScUdRSFo1TERVeUtjVnFJcnNqOTRaMDZ0...
  • https://mug.criteo.com/sid?cpp=2iVod3xhcjcvR1pNbE8zZ3BYZjNCaVM1RlVPTStZRVZDTFZwTnZWYTdpN0tLNnR5Y3VCdjdzQ1dCNUVwakNRcUtyRi83am92TUxkVmxVNlR0Tnh1b1hUTkhCR2o4eloraWxPRDRtaVREeXJLd21TTXhCQnRTVkRhbGMrNW...
428 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=2iVod3xhcjcvR1pNbE8zZ3BYZjNCaVM1RlVPTStZRVZDTFZwTnZWYTdpN0tLNnR5Y3VCdjdzQ1dCNUVwakNRcUtyRi83am92TUxkVmxVNlR0Tnh1b1hUTkhCR2o4eloraWxPRDRtaVREeXJLd21TTXhCQnRTVkRhbGMrNW5VYVJudzh0M0RBRVJjTnd3RUp5NXB2UHZNR2RrRzdvdU4rNkNlWUFIQisrZnVUVzgxM2V4WE1iT092MUJXZUhJRTRFaFZjT1ArSmxZa3hTemRyamM2bDdmZDRFRW1yd2Y0Rk9YMklHak1UVDRIT2JSMWd5eXlpRHc2bUxCRGVqaTEwUFZNbS9lYjN3ZHVWekZ5WGFpVzRlalh5bW9HRXRST1lwZlB0QkRpNlpzeUFTYUNyZz18&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8437fb2e87772ecfdac5c13c4f439f1f02abb0488788bb73b5d13e75052a33f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
792108
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:45 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=2iVod3xhcjcvR1pNbE8zZ3BYZjNCaVM1RlVPTStZRVZDTFZwTnZWYTdpN0tLNnR5Y3VCdjdzQ1dCNUVwakNRcUtyRi83am92TUxkVmxVNlR0Tnh1b1hUTkhCR2o4eloraWxPRDRtaVREeXJLd21TTXhCQnRTVkRhbGMrNW5VYVJudzh0M0RBRVJjTnd3RUp5NXB2UHZNR2RrRzdvdU4rNkNlWUFIQisrZnVUVzgxM2V4WE1iT092MUJXZUhJRTRFaFZjT1ArSmxZa3hTemRyamM2bDdmZDRFRW1yd2Y0Rk9YMklHak1UVDRIT2JSMWd5eXlpRHc2bUxCRGVqaTEwUFZNbS9lYjN3ZHVWekZ5WGFpVzRlalh5bW9HRXRST1lwZlB0QkRpNlpzeUFTYUNyZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
397441
content-length
0
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 740C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8MMF4jcSXxU1JSSxAThVEdKQ4awwjSul1-IaCw44lhSBzvBpr-MrIVViUQ7R3JHhXtQRtQolQRbGhY16AjG8Fjnd9f4YEHmKXMC4CNSwa9jsrM5FKuuBP3qLnL7c3&sig=Cg0ArKJSzH4uDTOVwUGhEAE&id=lidar2&mcvt=1001&p=440,436,547,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=0.84&vu=1&app=0&itpl=19&adk=1696759606&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694838044596&rpt=1271&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/Serving/Event/ Frame 3758 		35 B
590 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=63477641&event=178&time=2&baid=58157791&name=Viewable%20impressions&imprid=8525540383205514067&icid=3757237494770433060&eData=Sqb-8hmhZ50jYfzXDxWzZK3uuH_w-T4sYaJU2uM20Nmz_wrjWOMq3iILmzaNA5bOZ4kMixJ_TjAau94oJsHc8Q2&rtbdata=0L1ZDbaSoQedTd0GZbZXOPsSqURZ8OZSjomTqSl4TT2ttMP3jKOsfmmTFnbExOITjrvt3_gbA9_NotpUPY8BrnNn_FiDNQAKI8Yu0fipInmDa04QQ_an43LOVWHVpGky2r6JLcaX_2Abz9RJntpJYx345yz3_Yw3FQLMVb2a6WhoRbD3iOdkLt6ZLIIHSytiE5zcbUUxXPuyUBkNx2AAzA2&rtbwp=0.0523-EJ_IZKIAq55oUbYqKknhMla6-2Mw39S00&rnd=299010201
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://wheregoes.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 3758 		35 B
590 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3757237494770433060@@63477641,8525540383205514067,100|1200|0|0|0|0|0|0|0||47|0|||0|1200|1|0|0|8G7VUPSfFGm48M5tcwHHbVh9rWHNT2sPehqgehOtN9V7kY5eIm3dHhhpnBRkvb3lA7z_uuw_WOM1|||11|0|0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://wheregoes.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
viewability
hal900015.redintelligence.net/ Frame A0CD 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900015.redintelligence.net/viewability?s=40256400009887409150649012449015&a=5c46b716&vb=v
Requested by
Host: hal900015.redintelligence.net
URL: https://hal900015.redintelligence.net/request_content.php?s=40256400009887409150649012449015&a=cc09cc0f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.135.164 St. Ingbert, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.135.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900015.redintelligence.net/request_content.php?s=40256400009887409150649012449015&a=cc09cc0f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:47 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
track.adform.net/serving/unload/ Frame 740C 		35 B
590 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3757237494770433060@@67239551,5816195998601280387,100|1100|0|0|0|0|0|0|0||37|0|||||1|0|0|M15RJsV6LatX7EYoWZQhUVh9rWHNT2sPQ-_yE_e0LOGdnM1Snk8gsBhpnBRkvb3lA7z_uuw_WOM1|||11|0|0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wheregoes.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://wheregoes.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=5032&asId=a1544ac2-5720-3853-8768-1d83a37146f5&tv=%7Bc:olSmuM,pingTime:1,time:1175,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:151%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1175,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:151,wc:0.0.1600.1200,ac:436.440.728.90,am:i,cc:436.440.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1036~100%5D,as:%5B1036~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:119,fm:tPZtIEJ+11%7C12%7C13%7C14%7C15*.5032%7C1511%7C152%7C161%7C17111%7C172%7C18,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:152,sis:229%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:46cd:d9d2:4aa:c72b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
server
nginx
x-server-name
dt11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=5032&asId=a1544ac2-5720-3853-8768-1d83a37146f5&tv=%7Bc:olSmuM,pingTime:1,time:1175,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:151%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1175,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:151,wc:0.0.1600.1200,ac:436.440.728.90,am:i,cc:436.440.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1036~100%5D,as:%5B1036~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:119,fm:tPZtIEJ+11%7C12%7C13%7C14%7C15*.5032%7C1511%7C152%7C161%7C17111%7C172%7C18,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:152,sis:229,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:46cd:d9d2:4aa:c72b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
server
nginx
x-server-name
dt05.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=5032&asId=a1544ac2-5720-3853-8768-1d83a37146f5&tv=%7Bc:olSmuN,pingTime:1,time:1176,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:151%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1176,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:151,wc:0.0.1600.1200,ac:436.440.728.90,am:i,cc:436.440.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1037~100%5D,as:%5B1037~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:119,fm:tPZtIEJ+11%7C12%7C13%7C14%7C15*.5032%7C1511%7C152%7C161%7C17111%7C172%7C18,idMap:15*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:152,sis:229,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4281:46cd:d9d2:4aa:c72b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
server
nginx
x-server-name
dt18.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
beacon
ap.lijit.com/ Frame AC8C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=8128488
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date
Sat, 16 Sep 2023 04:20:47 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
X-Sovrn-Pod
ad_ap1ams1
/
onetag-sys.com/usync/ Frame E698 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1694838044203
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame 147B 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
550a15c8f075753296fd550f5b027074d1a5d25598662aca96aaf66780315a3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8485
content-type
text/html; charset=UTF-8
date
Sat, 16 Sep 2023 04:20:47 GMT
expires
Mon, 18 Sep 2023 04:20:47 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
async_usersync.html
acdn.adnxs.com/dmp/ Frame 37F0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
78304
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 16 Sep 2023 04:20:47 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5289, 335746
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230110-FRA
X-Timer
S1694838048.548984,VS0,VE0
sync.html
public.servenobid.com/ Frame B806 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.30 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
79008
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Fri, 15 Sep 2023 06:24:00 GMT
etag
W/"cba3476b12cba88403393b498cdbcb0a"
last-modified
Wed, 02 Aug 2023 17:35:11 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
x-amz-cf-id
xenxRyDyoerbbKbQvD6_-b5sFlTP86DPrtukhrz20pdBqxwfk5JhrQ==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5
72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256
54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
usync.html
eus.rubiconproject.com/ Frame 54AF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 16 Sep 2023 04:20:47 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 54AF 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f27d2c5f66b94230e004d6c66655d01a1cd15174edb43a04feced5daf4d5315f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:37:22 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40576
Connection
keep-alive
Content-Length
10521
Expires
Sat, 16 Sep 2023 15:37:03 GMT
/
track.adform.net/serving/unload/ Frame A0CD 		35 B
601 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=3757237494770433060@@67114533,5253335155645370693,100|1114|0|0|0|0|0|0|0||38|1|||||1|0|0|a0Dq1P0vYoTxBx_RTJEBJ1h9rWHNT2sPehqgehOtN9VjXcANRzWqR_L_QlhaeLlf0|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900015.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900015.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
log
c21lg-d.media.net/ Frame 147B 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3378396458280469000V10&origin=1&flt=0
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C2099%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.160.23 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:47 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sat, 16 Sep 2023 04:20:47 GMT
khaos.json
token.rubiconproject.com/ Frame 54AF 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LMLIT8GW-5-92YU
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
13926
g2.gumgum.com/usync/ Frame 308B 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.198.137 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
32f52745e61506ca010f4fc1a13e7e9d4573227b2cdc5c7387ad162ee7c78287

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sat, 16 Sep 2023 04:20:47 GMT
etag
W/"0e4cf80feddfd23c15c1e3b89f1ef610e"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame A211 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 9424 		714 B
916 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.149.192.197 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e2320b9366a9a7b7d13d22bd9395552806ca93ed82fda541eff30f69ee95e956

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
714
content-type
text/html
date
Sat, 16 Sep 2023 04:20:47 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 483E 		2 KB
1020 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a4db87c82b07834b82111af299301b5e6a8cb7b9c471de57d516629cc3c636c

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
807651a5af18362d-FRA
content-encoding
br
content-type
text/html
date
Sat, 16 Sep 2023 04:20:47 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GX3ZRyin9A1NfedKdtP2gRFYpQVWfu1OpFjJcgj8HNBH2ajTOPAhRiJhQCgZSGkprH%2F0nQJbqrN23YJqZndeqWyfQxdBeECo3TwiS35%2BUVEe6BLcI0wEKnBUHorq1Zot3i1QdwUgapSuAg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame A281
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 16 Sep 2023 04:20:47 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 16 Sep 2023 04:20:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D3A5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88568
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sat, 16 Sep 2023 04:20:47 GMT
expires
Sun, 17 Sep 2023 04:56:55 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 3550 		0
526 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:4400:1f:4c18:bd40:93a1 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Sat, 16 Sep 2023 04:20:47 GMT
server
istio-envoy
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-id
MzLjjNgjZsOp-erBs8HBpXX0xF5wsOZnY6gBeE2lxo-CoSrbMgp4sQ==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame 1827 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Sat, 16 Sep 2023 04:20:47 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 0CF2 		0
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.229.235.214 -, , ASN (),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Sat, 16 Sep 2023 04:20:47 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame B806
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=4380659188768351338
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=4380659188768351338
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
an-x-request-uuid
9aefeebe-245a-4b81-b3ed-99418ca70d54
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=4380659188768351338
x-proxy-origin
217.114.218.20; 217.114.218.20; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame B806
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HVDEvRZHKi5YOkHgTiyHySZc
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HVDEvRZHKi5YOkHgTiyHySZc
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:47 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HVDEvRZHKi5YOkHgTiyHySZc
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap7ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame B806 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.91 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 16 Sep 2023 04:20:47 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame B806
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1694838047713
  • https://ad.turn.com/r/cs?pid=45&rndcb=4762385104
  • https://sync.1rx.io/usersync/turn/8205491501728770872?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1fc54ac0-b2b2-49d5-ae7b-d58cb1056800-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-1fc54ac0-b2b2-49d5-ae7b-d58cb1056800-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-1fc54ac0-b2b2-49d5-ae7b-d58cb1056800-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-1fc54ac0-b2b2-49d5-ae7b-d58cb1056800-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-1fc54ac0-b2b2-49d5-ae7b-d58cb1056800-003
date
Sat, 16 Sep 2023 04:20:47 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1fc54ac0b2b249d5ae7bd58cb1056800003
content-type
text/html
sync
ads.servenobid.com/ Frame B806
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5107433829925329579
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5107433829925329579
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5107433829925329579
Date
Sat, 16 Sep 2023 04:20:47 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame B806 		0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.35 -, , ASN (),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-170
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame B806
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
occ
ups.analytics.yahoo.com/ups/58559/ Frame B806 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58559/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame B806
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-103ed757-1865-324c-ba1b-fcb6e49f73c1
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-103ed757-1865-324c-ba1b-fcb6e49f73c1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:48 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-103ed757-1865-324c-ba1b-fcb6e49f73c1
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58632/ Frame B806 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58632/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame B806 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.77.133.205 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-77-133-205.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
sync
ads.servenobid.com/ Frame B806
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Sat, 16 Sep 2023 04:20:47 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sat, 16 Sep 2023 04:20:47 GMT
pbs.gif
sync.admanmedia.com/ Frame B806 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.24 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:47 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
async_usersync
ib.adnxs.com/ Frame 37F0 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
an-x-request-uuid
0a484dbc-4711-410a-8527-341075a92eab
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.20; 217.114.218.20; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 483E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 483E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQUtHerse6DcEux39_KyMgAABLAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEXzRPLahv6pWThQv5HUZs4&google_cver=1
43 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEXzRPLahv6pWThQv5HUZs4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d54w6vRaj825HbJhI4BkbJUD8UgAqE%2F241%2BpY05HLSFo9V5grE2iaStK3qYCR391270tczy%2Bx%2F6B35ewCzGVXQFx2KK3vQ3KdT7Ws2fI9RvLMYmD1iaEHz%2Bv4q3wszRrneN5Sy5%2BfT%2B1cA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
807651a62f2b8ffb-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEEXzRPLahv6pWThQv5HUZs4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 483E
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZQUtHerse6DcEux39-KyMgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED8op5utjtVpOK6-CKa6gA0&google_cver=1
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED8op5utjtVpOK6-CKa6gA0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSGQSZExYvLNAcoq5hmQwdpVtPEI670uOz%2B%2F4Gq2RnNWXEOBDXUPg33wBHQdOpCjLZf3zOw2QsW0pzZqe%2FkO7qwR9MjEvq6ZEBH1jYKlUknf04LdtwBKqQenBSG%2BScNj7Cjo%2BUR1DGXmjw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
807651a65f548ffb-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED8op5utjtVpOK6-CKa6gA0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 483E 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQUtHerse6DcEux39_KyMgAABLAAAAAB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
D8WQK02C0NWW9VN6RRA7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 483E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers
ibs:dpid=23728&dpuuid=ZQUtHerse6DcEux39-KyMgAA%261200
dpm.demdex.net/ Frame 483E 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZQUtHerse6DcEux39-KyMgAA%261200?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.204.82 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-204-82.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-0ec6ca8b8.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
u1CBMmr8QQM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
rum
dsum-sec.casalemedia.com/ Frame 483E
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=ZQUtHerse6DcEux39-KyMgAA%261200&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=21d6f16d-d58b-4721-83c2-5423f3ca511d-tuctbfeb29f
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=21d6f16d-d58b-4721-83c2-5423f3ca511d-tuctbfeb29f
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44G2%2Bzwb8fJG80Af1Cn6v1nHT4BlqW%2BELsgED76ZRYuewKjHvPWAIUsDA%2F7YasMTiDxrXLwYIJMC6cHX8YpBiFjJBY35W0qXgXy2TmUHlotZpdfQR6akkYd5t6GVAyKlrMrw7jUbsWgpjw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
807651a63f388ffb-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=21d6f16d-d58b-4721-83c2-5423f3ca511d-tuctbfeb29f
date
Sat, 16 Sep 2023 04:20:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
25690
rum
dsum-sec.casalemedia.com/ Frame 483E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8205491501728770872
43 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8205491501728770872
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X73FBLivDjDNKfC5GWV6TufpsCBO%2FfWQeF7Wi3Is4%2FVhuVWPtZCKkR%2FsEYJJzENmeEJwqK8cQqqMNug%2B2kFpptW%2Be4S89xAsfRiR7cHZ18eXTFauC4VX088mhFhS5KorFLRvy2%2FuXmnUKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
807651a69f7d8ffb-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8205491501728770872
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sync
ads.servenobid.com/ Frame 483E 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZQUtHerse6DcEux39_KyMgAABLAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame D3A5 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=21331179&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a22566da7a0823f65f1b5d7870e49d7d62bcf6e18dc2b0a2967a91c12610d600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sat, 16 Sep 2023 04:20:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame A281 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f27d2c5f66b94230e004d6c66655d01a1cd15174edb43a04feced5daf4d5315f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:37:22 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40576
Connection
keep-alive
Content-Length
10521
Expires
Sat, 16 Sep 2023 15:37:03 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame A281 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LMLIT8GW-5-92YU
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
usersync.gumgum.com/ Frame 308B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4380659188768351338
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4380659188768351338
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
an-x-request-uuid
496406d8-3127-48c7-803e-b0ba3a6348ef
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=4380659188768351338
x-proxy-origin
217.114.218.20; 217.114.218.20; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 308B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_a100e7ad-8fbe-4ef7-bbfa-55484200b816&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=3757237494770433060&ssp=gumgum2
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=70&user_id=3757237494770433060&ssp=gumgum2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.195.36.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-36-161.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:21:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://x.bidswitch.net/sync?dsp_id=70&user_id=3757237494770433060&ssp=gumgum2
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
syncPlatform
sync.outbrain.com/ Frame 308B
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%286EQG8C8Glv7ePbhxQlclpj9qcpljsbRwoaVvJchMVGnQu4aHvkjo7o4pLg4YY94s%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_a100e7ad-8fbe-4ef7-bbfa-55484200b816&obuid=ENC(6EQG8C8Glv7ePbhxQlclpj9qcpljsbRwoaVvJchMVGnQu4aHvkjo7o4pLg4YY94s...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:48 GMT
Cache-Control
no-cache
X-TraceId
67e3520cdf5b3b67b6f3d178f847d865
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Date
Sat, 16 Sep 2023 04:20:48 GMT
X-TraceId
d9faec68c6225946b1277033eff5e200
Content-Length
0
usersync
usersync.gumgum.com/ Frame 308B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=9fd207e2-07c2-4c7f-8a69-b7f6b37c8889
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=9fd207e2-07c2-4c7f-8a69-b7f6b37c8889
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 16 Sep 2023 04:20:47 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=9fd207e2-07c2-4c7f-8a69-b7f6b37c8889
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 308B
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1dd24f84-2c59-5a90-62df-375aca4d2799$ip$217.114.218.20
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-1dd24f84-2c59-5a90-62df-375aca4d2799$ip$217.114.218.20
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-1dd24f84-2c59-5a90-62df-375aca4d2799$ip$217.114.218.20
Date
Sat, 16 Sep 2023 04:20:47 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 308B
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-VWtNvixE2pch_EFFAov88n5RSSywWq7yZ7yY~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-VWtNvixE2pch_EFFAov88n5RSSywWq7yZ7yY~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sat, 16 Sep 2023 04:20:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-VWtNvixE2pch_EFFAov88n5RSSywWq7yZ7yY~A
content-length
0
usersync
usersync.gumgum.com/ Frame 308B
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=4bd2efee-924f-4a80-8826-c23103e701ea
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=4bd2efee-924f-4a80-8826-c23103e701ea
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=4bd2efee-924f-4a80-8826-c23103e701ea
Date
Sat, 16 Sep 2023 04:20:47 GMT
Connection
keep-alive
X-CI-RTID
5f7351f4-7883-4af7-9a71-37e5f4f00612
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 308B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 -, , ASN (),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 308B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_a100e7ad-8fbe-4ef7-bbfa-55484200b816&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=7HPdizYvHcL0UY4hdOCY&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2N2IKBSGS6SZOZEGGTBQKVMTI2DEJ5BVS...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=7HPdizYvHcL0UY4hdOCY&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=7HPdizYvHcL0UY4hdOCY&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:48 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=7HPdizYvHcL0UY4hdOCY&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
server_match
ad.360yield.com/ Frame 308B 		43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.48.217.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-217-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 16 Sep 2023 04:20:47 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 308B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=8mFnlyju93gn&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=8mFnlyju93gn&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:48 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=8mFnlyju93gn&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-f59c96d6-x7vtb
expires
-1
usersync
usersync.gumgum.com/ Frame 308B
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=5068110651579253943
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=5068110651579253943
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sat, 16 Sep 2023 04:20:47 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=5068110651579253943
date
Sat, 16 Sep 2023 04:20:47 GMT
content-length
0
sync
ads.servenobid.com/ Frame 308B 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_a100e7ad-8fbe-4ef7-bbfa-55484200b816
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
rtb.gumgum.com/ Frame 9F8D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]
  • https://rtb.gumgum.com/usersync?b=adf&i=3757237494770433060&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=3757237494770433060&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.229.198.137 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Sat, 16 Sep 2023 04:20:47 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Sat, 16 Sep 2023 04:21:07 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=3757237494770433060&gdpr=%5BGDPR%5D&gdpr_consent=%5BGDPR_CONSENT%5D
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
usersync
usersync.gumgum.com/ Frame 1C37
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZQUtHwAQoCl7pAAN
  • https://usersync.gumgum.com/usersync?b=atm&i=ZQUtHwAQoCl7pAAN&gdpr=0&gdpr_consent=&_test=ZQUtHwAQoCl7pAAN
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZQUtHwAQoCl7pAAN&gdpr=0&gdpr_consent=&_test=ZQUtHwAQoCl7pAAN
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 16 Sep 2023 04:20:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sat, 16 Sep 2023 04:20:47 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZQUtHwAQoCl7pAAN&gdpr=0&gdpr_consent=&_test=ZQUtHwAQoCl7pAAN
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-etou8220032-FRA
x-timer
S1694838048.944471,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 4887 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9hMTAwZTdhZC04ZmJlLTRlZjctYmJmYS01NTQ4NDIwMGI4MTY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 04:20:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 727E 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=88568
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sat, 16 Sep 2023 04:20:47 GMT
expires
Sun, 17 Sep 2023 04:56:55 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 0414 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Sat, 16 Sep 2023 04:20:47 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame D7E3
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZQUtIMCo5tIAAE81UBQAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZQUtIMCo5tIAAE81UBQAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 16 Sep 2023 04:20:48 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sat, 16 Sep 2023 04:20:48 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZQUtIMCo5tIAAE81UBQAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad417.dc4p.scaleout.jp
X-SO-IP
217.114.218.20
X-SO-Key
ZQUtIMCo5tIAAE81UBQAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZQUtIMCo5tIAAE81UBQAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad417"}
X-SO-LB-Hostname
a-tgng40014.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad417
gumgum
cs.admanmedia.com/sync/ Frame 0FEF 		20 B
189 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_a100e7ad-8fbe-4ef7-bbfa-55484200b816&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.166 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Sat, 16 Sep 2023 04:20:48 GMT
Server
nginx
Transfer-Encoding
chunked
usersync
usersync.gumgum.com/ Frame B1D2
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=RmrSYzCVMfTBJ0lGOHUq&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=RmrSYzCVMfTBJ0lGOHUq&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sat, 16 Sep 2023 04:20:47 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sat, 16 Sep 2023 04:20:47 GMT Sat, 16 Sep 2023 04:20:47 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=RmrSYzCVMfTBJ0lGOHUq&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 2E20
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 16 Sep 2023 04:20:47 GMT
ETag
"40011-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sat, 16 Sep 2023 04:20:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
sync
ads.servenobid.com/ Frame 9424 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=636785634354218016&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
RX-1fc54ac0-b2b2-49d5-ae7b-d58cb1056800-003
sync.targeting.unrulymedia.com/csync/ Frame 9424
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=2031601055
  • https://sync.1rx.io/usersync/turn/8205491501728770872?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-1fc54ac0-b2b2-49d5-ae7b-d58cb1056800-003
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-1fc54ac0-b2b2-49d5-ae7b-d58cb1056800-003
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
46.228.174.117 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:48 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location
https://sync.targeting.unrulymedia.com/csync/RX-1fc54ac0-b2b2-49d5-ae7b-d58cb1056800-003
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:48 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
content-type
text/html
/
rtb-csync.smartadserver.com/redir/ Frame 9424
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3757237494770433060&gdpr=0&gdpr_consent=
43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3757237494770433060&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:21:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=3757237494770433060&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 9424 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
s.ad.smaato.net/c/ Frame 9424 		0
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:5a00:1b:5138:8a40:93a1 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:32 GMT
via
1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-C2
age
15
x-cache
Hit from cloudfront
cache-control
no-cache, must-revalidate
x-amz-cf-id
hbmH18aYZF8rwVFnQHiWRKRfg8ODIIpMmeGVhOPyQZmhLSH6zAea3w==
Pug
simage2.pubmatic.com/AdServer/ Frame E1E3
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Sat, 16 Sep 2023 04:20:47 GMT
expires
Sat, 16 Sep 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
689963
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame A7E1 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=7F931A00-F6CC-4838-8D36-CF34C7AC9665&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Sat, 16 Sep 2023 04:20:47 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Y321519T8X94CC0TCFQN
Pug
image2.pubmatic.com/AdServer/ Frame 11EC
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uUNl3L0SZI-iEmLRuUd427lCMd2iFDDQvkcPH73g
42 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uUNl3L0SZI-iEmLRuUd427lCMd2iFDDQvkcPH73g
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sat, 16 Sep 2023 04:20:47 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uUNl3L0SZI-iEmLRuUd427lCMd2iFDDQvkcPH73g
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 805A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4380659188768351338&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4380659188768351338&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
7d88e075-7342-4dc6-ac5a-4ab3062dea0b
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Sat, 16 Sep 2023 04:20:47 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4380659188768351338&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
217.114.218.20; 217.114.218.20; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame C8C7
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7279273983894681742&gdpr=0&gdpr_consent=
42 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7279273983894681742&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Sat, 16 Sep 2023 04:20:47 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7279273983894681742&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 5869
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HdJPhCxZWpBi3zdayk0nmdly2hQ&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HdJPhCxZWpBi3zdayk0nmdly2hQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Sat, 16 Sep 2023 04:20:47 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HdJPhCxZWpBi3zdayk0nmdly2hQ&gdpr=0&gdpr_consent=
bridge
cm.adgrx.com/ Frame 1FA2 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Sat, 16 Sep 2023 04:20:47 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-1
Pug
image2.pubmatic.com/AdServer/ Frame 3EA3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDMHRFN0tDbG9BQUNYMkJvVzNzdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAC0tE7KCloAACX2BoW3sw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=636785634354218016&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAC0tE7KCloAACX2BoW3sw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D636785634354218016%26gdpr%3D0%26gdpr_consent...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=636785634354218016&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAC0tE7K...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC0tE7KCloAACX2BoW3sw&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC0tE7KCloAACX2BoW3sw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Sat, 16 Sep 2023 04:20:48 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAC0tE7KCloAACX2BoW3sw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 62FF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZQUtHwAQuzaslgAb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Sat, 16 Sep 2023 04:20:48 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220032-FRA
x-timer
S1694838048.957268,VS0,VE93

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Sat, 16 Sep 2023 04:20:47 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZQUtHwAQuzaslgAb
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220032-FRA
x-timer
S1694838048.843759,VS0,VE93
/
csync.loopme.me/ Frame 63BF 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame E1BD
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbb949607ced042f3a72ea0c550381a2b
42 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbb949607ced042f3a72ea0c550381a2b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Sat, 16 Sep 2023 04:20:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUbb949607ced042f3a72ea0c550381a2b
pragma
no-cache
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 5A57
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7F931A00-F6CC-4838-8D36-CF34C7AC9665&gdpr=0&gdpr_consent=
42 B
249 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7F931A00-F6CC-4838-8D36-CF34C7AC9665&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:46 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 16 Sep 2023 04:20:46 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=7F931A00-F6CC-4838-8D36-CF34C7AC9665&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cm
ipac.ctnsnet.com/int/ Frame 1938 		43 B
360 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 -, , ASN (),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Sat, 16 Sep 2023 04:20:47 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 687A
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7887662680556711373
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7887662680556711373
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7887662680556711373
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 26F8
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829925329579
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829925329579
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Sat, 16 Sep 2023 04:20:47 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829925329579
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cookiesync
core.iprom.net/ Frame 3AFC 		43 B
278 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sat, 16 Sep 2023 04:20:47 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-5d67cf4ccc8e@version_1.571v2
X-core-time
0ms
X-server-arch
v2
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame FD04 		43 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.186.154.107 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-encoding
utf-8
content-encoding
gzip
content-length
51
content-type
image/gif
date
Sat, 16 Sep 2023 04:20:48 GMT
lws
124
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
i.match
s.tribalfusion.com/z/ Frame 0B10
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
432 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
807651a8aa739a2a-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
807651a779c59a2a-FRA
content-type
text/html
date
Sat, 16 Sep 2023 04:20:48 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
436
sync
ads.servenobid.com/ Frame 3EAB 		0
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=7F931A00-F6CC-4838-8D36-CF34C7AC9665
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.209.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-209-60.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Sat, 16 Sep 2023 04:20:47 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D3A5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f5MaAPbMSDiNNs80x6yWZQ%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
184.30.16.195 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:48 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=88567
accept-ranges
bytes
content-length
5606
expires
Sun, 17 Sep 2023 04:56:55 GMT

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame D3A5 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7F931A00-F6CC-4838-8D36-CF34C7AC9665&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.3.179
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame D3A5
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1733383902
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7F931A00-F6CC-4838-8D36-CF34C7AC9665
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7F931A00-F6CC-4838-8D36-CF34C7AC9665
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:48 GMT
via
1.1 google
last-modified
Sat, 16 Sep 2023 04:20:48 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=7F931A00-F6CC-4838-8D36-CF34C7AC9665
date
Sat, 16 Sep 2023 04:20:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame D3A5
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=7F931A00-F6CC-4838-8D36-CF34C7AC9665
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=M2JhaU1KUEd2VDZSSG13R25pa3N0MjZRZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=3757237494770433060&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
52.6.12.102 -, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:48 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Sat, 16 Sep 2023 04:20:48 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame D3A5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=N0Y5MzFBMDAtRjZDQy00ODM4LThEMzYtQ0YzNEM3QUM5NjY1&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D3A5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMIv1NycoQynibXjMRVK3bw&google_cver=1
42 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMIv1NycoQynibXjMRVK3bw&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMIv1NycoQynibXjMRVK3bw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D3A5 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Fri, 15 Sep 2023 04:20:47 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame D3A5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3757237494770433060
42 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3757237494770433060
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:21:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3757237494770433060
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame D3A5 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
ups.analytics.yahoo.com/ups/58292/ Frame D3A5 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=7F931A00-F6CC-4838-8D36-CF34C7AC9665&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
7F931A00-F6CC-4838-8D36-CF34C7AC9665
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame D3A5 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/7F931A00-F6CC-4838-8D36-CF34C7AC9665?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:ad5e:1111:f66a:1a0c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame D3A5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=f8cdc10e-d394-4bba-be4c-af5c6d4dd8d9&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic&bsw_user_id=f8cdc10e-d394-4bba-be4c-af5c6d4dd8d9&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=2937abe1-eb8a-483b-8845-6dd273a60208&ssp=pubmatic&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8cdc10e-d394-4bba-be4c-af5c6d4dd8d9&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8cdc10e-d394-4bba-be4c-af5c6d4dd8d9&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=f8cdc10e-d394-4bba-be4c-af5c6d4dd8d9&gdpr=0&gdpr_consent=&gdpr_pd=
date
Sat, 16 Sep 2023 04:20:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame D3A5 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 -, , ASN (),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame D3A5 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=7F931A00-F6CC-4838-8D36-CF34C7AC9665&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame D3A5
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8205491501728770872&gdpr=0&gdpr_consent=&us_privacy=
1 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8205491501728770872&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Sat, 16 Sep 2023 04:20:48 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8205491501728770872&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame D3A5
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8eee50d1-145e-4fe0-add5-263f3b44c15e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8eee50d1-145e-4fe0-add5-263f3b44c15e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sat, 16 Sep 2023 04:20:46 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:8eee50d1-145e-4fe0-add5-263f3b44c15e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Sat, 16 Sep 2023 04:20:47 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
usync.js
eus.rubiconproject.com/ Frame 2E20 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-22-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f27d2c5f66b94230e004d6c66655d01a1cd15174edb43a04feced5daf4d5315f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Sat, 16 Sep 2023 04:20:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:37:22 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=40576
Connection
keep-alive
Content-Length
10521
Expires
Sat, 16 Sep 2023 15:37:03 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame A281 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
aca6c52e983509e86b136a052e19be23
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame A281
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1164
  • https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=3757237494770433060
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=3757237494770433060
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:21:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://pixel.rubiconproject.com/tap.php?v=14240&nid=2676&put=3757237494770433060
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
tap.php
pixel.rubiconproject.com/ Frame A281
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=6&p=70&cp=Rubicon&cu=1&url=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D6434%26nid%3D2149%26put%3D%40%40CRITEO_USERID%40%40
  • https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=9ff4906c-5eca-480f-ade3-2cdf8c27c6db
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=9ff4906c-5eca-480f-ade3-2cdf8c27c6db
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
aca6c52e983509e86b136a052e19be23
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=9ff4906c-5eca-480f-ade3-2cdf8c27c6db
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
508152
content-length
0
expires
Sat, 16 Sep 2023 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A281
Redirect Chain
  • https://secure.adnxs.com/getuidnb?https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4894%26nid%3D1986%26put%3D$UID%26expires%3D30
  • https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=4380659188768351338&expires=30
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=4380659188768351338&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:48 GMT
an-x-request-uuid
85b0a7e7-3ca3-4912-8d9f-925e44c45a66
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.rubiconproject.com/tap.php?v=4894&nid=1986&put=4380659188768351338&expires=30
x-proxy-origin
217.114.218.20; 217.114.218.20; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A281
Redirect Chain
  • https://ad.turn.com/r/cs?pid=6
  • https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8205491501728770872&expires=60&gdpr=&gdpr_consent=
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8205491501728770872&expires=60&gdpr=&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=8205491501728770872&expires=60&gdpr=&gdpr_consent=
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
generic
match.adsrvr.org/track/cmf/ Frame A281
Redirect Chain
  • https://sync.1rx.io/usersync2/rubicon
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3744543251
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3744543251
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:48 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:48 GMT
etag
RX1fc54ac0b2b249d5ae7bd58cb1056800003
content-type
text/html
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3744543251
cache-control
no-store, no-cache, must-revalidate
expires
0
709414.gif
id.rlcdn.com/ Frame A281 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 04:20:48 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame A281 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 -, , ASN (),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Sat, 16 Sep 2023 04:20:47 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
khaos.json
token.rubiconproject.com/ Frame 2E20 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LMLIT8GW-5-92YU
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b71bced807741b20dd93dce6c2d26405
Expires
0
async_usersync
ib.adnxs.com/ Frame 37F0 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Sep 2023 04:20:48 GMT
an-x-request-uuid
50a54ed6-7e14-4527-8c32-c7c6fe61ae78
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
217.114.218.20; 217.114.218.20; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pv.claudiepierlot.com
URL
https://pv.claudiepierlot.com/adl_v.phtml?pvid=criteo~.~retargeting~.~lowerfunnel~.~~.~&chan=RTc
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| documentPictureInPicture object| _wpemojiSettings undefined| $ function| jQuery object| swv object| wpcf7 object| whereGoes function| plausible function| __$PP object| twemoji object| wp object| bsaexperiments object| bsagpt object| bsaheaderbid object| optimize object| googletag object| bsapbChunk object| bsapb object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| bsas2s object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| Criteo function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| regeneratorRuntime object| ox_esp object| __uid2SecureSignalProvider object| __uid2 object| pbjs function| setImmediate function| clearImmediate object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_141 object| Criteo_identitytag_141 number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| Adform boolean| __adform_onload function| ADFReload function| ADFCall function| ADFcall object| google_image_requests object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

53 Cookies

Domain/Path Name / Value
.rubiconproject.com/ Name: khaos
Value: LMLIT8GW-5-92YU
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2Dn0WYmMUlq7U1ZxogGjlwOA+xFj1I9sfQKCb/4IkTDr2OgzBpuYSOtjr9BQ320rtNK4vGyfbdaMxuhZpbWKLtKo1K0XDjsVm+xUA9sgf/4eNEKcfJxgEB
.openx.net/ Name: i
Value: bb439ccb-8650-4bde-b7c4-6ff31f0bba32|1694838044
.criteo.com/ Name: uid
Value: 9ff4906c-5eca-480f-ade3-2cdf8c27c6db
.adnxs.com/ Name: icu
Value: ChgIvahBEAoYASABKAEwnNqUqAY4AUABSAEQnNqUqAYYAA..
.adnxs.com/ Name: uuid2
Value: 4380659188768351338
.wheregoes.com/ Name: __gads
Value: ID=4e735a380471fff8:T=1694838044:RT=1694838044:S=ALNI_MYfjCxzGjF4yJJO478nRZyzdV-ZIg
.wheregoes.com/ Name: __gpi
Value: UID=00000c7634a0a020:T=1694838044:RT=1694838044:S=ALNI_MbrGy5vdCv2_svtkm53tPXWEXXaMg
.doubleclick.net/ Name: IDE
Value: AHWqTUkO-TyjBY6-IFt5V9XYwvaoSmnpQL_G3K8hfYbjgtjoLLP-cJwkV2D9060mRv4
.bidswitch.net/ Name: tuuid
Value: f8cdc10e-d394-4bba-be4c-af5c6d4dd8d9
.bidswitch.net/ Name: c
Value: 1694838044
.bidswitch.net/ Name: tuuid_lu
Value: 1694838044
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 3757237494770433060
.adform.net/ Name: TPC
Value: 1694838044970
.yahoo.com/ Name: A3
Value: d=AQABBB0tBWUCENGZAcukFK13s7Ghukg4L6EFEgEBAQF-BmUPZQAAAAAA_eMAAA&S=AQAAAq7NO78kkUfxm_EXFnJCqC4
.linkedin.com/ Name: bcookie
Value: "v=2&f63b74b8-bda4-477d-86fd-f528ed34c4be"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTQ4MzgwNDU7MjswMjGkYgL85TEv484D5amoG6MPb1do2LyGwwnS26gan2Q1Mw==
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2634:u=1:x=1:i=1694838045:t=1694924445:v=2:sig=AQFd5xFepnj--wnrcE49okvW3yKmb5-E"
.media.net/ Name: visitor-id
Value: 3378396458280469000V10
.media.net/ Name: data-c-ts
Value: 1694838045
.media.net/ Name: data-c
Value: k-s8RlsMwBT8GBbnf3cbtUS0duKSw3FWbwwvES1Q~~3
.omnitagjs.com/ Name: ayl_visitor
Value: 0ab400b250a2ebbf1d097ce3d4ee8248
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2GU$gO>5X!]tbPl@/D!9hy6]/CwiD2On=_a*nJRdZL]n3CqM>[CfAU.NrVPaB'OOgl<(z7o3U_>lncs17f%w*bpRz*qF1`*ba@a+Ft1b
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.demdex.net/ Name: demdex
Value: 02171997425877184852208602858193150050
.dpm.demdex.net/ Name: dpm
Value: 02171997425877184852208602858193150050
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22681b4460-5448-11ee-b8a0-c9488dc78b06%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22681b4460-5448-11ee-b8a0-c9488dc78b06%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22681b4460-5448-11ee-b8a0-c9488dc78b06%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22681b4460-5448-11ee-b8a0-c9488dc78b06%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-jLsS6swBT8GBbnf3cbtUS0duKSxz5vxrnVVKCw%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/ Name: CMID
Value: ZQUtHerse6DcEux39-KyMgAA
.casalemedia.com/ Name: CMPS
Value: 1200
.casalemedia.com/ Name: CMPRO
Value: 1200
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-aGThlswBT8GBbnf3cbtUS0duKSzNFOfazupk7w&KRTB&23144-uid:k-aGThlswBT8GBbnf3cbtUS0duKSzNFOfazupk7w&KRTB&23286-uid:k-aGThlswBT8GBbnf3cbtUS0duKSzNFOfazupk7w&KRTB&23287-uid:k-aGThlswBT8GBbnf3cbtUS0duKSzNFOfazupk7w
.pubmatic.com/ Name: PugT
Value: 1694838045
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 3972c7490c304110
.amazon-adsystem.com/ Name: ad-id
Value: AzPf7wAg60FSipq5Ypyjnck
.krxd.net/ Name: _kuid_
Value: PzH1fVDv
.tremorhub.com/ Name: tvid
Value: e5261c2944574762838332d8bf428285
.tremorhub.com/ Name: tv_UICR
Value: k-xd02d8wBT8GBbnf3cbtUS0duKSyksTBLyNU1uA
.tapad.com/ Name: TapAd_TS
Value: 1694838046093
.tapad.com/ Name: TapAd_DID
Value: 4a075556-8f27-46bb-aa5e-25ad9d26883b
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1dd24f84-2c59-5a90-62df-375aca4d2799.TIcG1M0WhP1ecRksEcx0st7%2Bzj%2FBeVtWVQs4UMOfU5c
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1dd24f84-2c59-5a90-62df-375aca4d2799.TIcG1M0WhP1ecRksEcx0st7%2Bzj%2FBeVtWVQs4UMOfU5c
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AHdJPhCxZWpBi3zdayk0nmdly2hQ.YA4Jg%2B6Pq88vhqt0FE7B43GW6%2BTIMOUCglYbsrw5Upc
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AHdJPhCxZWpBi3zdayk0nmdly2hQ.YA4Jg%2B6Pq88vhqt0FE7B43GW6%2BTIMOUCglYbsrw5Upc
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMV6mz3CjQ5QuND-xDD0qURxI_9YIJXZ5YwNvEu35MYWEHwYBCCe2pSoBjABOgT2YRj6QgRWkCCm.Lj3DvdHUvC0Rnqz%2BVaMJ%2FGKHrrWMfykgHKMy4FBdyzc
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMV6mz3CjQ5QuND-xDD0qURxI_9YIJXZ5YwNvEu35MYWEHwYBCCe2pSoBjABOgT2YRj6QgRWkCCm.Lj3DvdHUvC0Rnqz%2BVaMJ%2FGKHrrWMfykgHKMy4FBdyzc
.ipredictive.com/ Name: cu
Value: 4bd2efee-924f-4a80-8826-c23103e701ea|1694838046416
.wheregoes.com/ Name: cto_bundle
Value: 6VNIjl9JRkNNbXBPZHNyZ0NURFR6a2l0V0RKcmolMkZSOTBiUm00OW1SaXFSJTJCQkJNb2cxZTR1RVBRU2RRQ1lCSWtQeUhsZEFwRlJKcmZpeVdveTNYeDc2d0Y0WGJVYjB3dDZWYWttSUFtQWVIRFg1WGdrWVFwMzk2RjlybUFUY2puZzNId2VsRHZpU2VRaHpvWCUyQmxCd3Y4QyUyRlJtUSUzRCUzRA

5 Console Messages

Source Level URL
Text
other warning URL: https://cdn4.buysellads.net/pub/wheregoes.js?1694838000000(Line 6)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=7F931A00-F6CC-4838-8D36-CF34C7AC9665&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://cs.admanmedia.com/sync/gumgum?puid=e_a100e7ad-8fbe-4ef7-bbfa-55484200b816&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

03dd251465dfbbde95fd5c2d6f4d386f.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
a.twiago.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ad.yieldlab.net
ad4m.at
ads.eu.criteo.com
ads.pubmatic.com
ads.servenobid.com
ap.lijit.com
api.fouanalytics.com
aws-fr-sync.bidswitch.net
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
bttrack.com
c1.adform.net
c21lg-d.media.net
cat.nl3.eu.criteo.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csm.eu.criteo.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e1.emxdgt.com
eb2.3lift.com
eus.rubiconproject.com
exchange.mediavine.com
fastlane.rubiconproject.com
g2.gumgum.com
ghent-aws-fr.bidswitch.net
google-bidout-d.openx.net
gum.criteo.com
hal9000.redintelligence.net
hal900015.redintelligence.net
hb-api.omnitagjs.com
hbx.media.net
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
ipac.ctnsnet.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
pv.claudiepierlot.com
px.ads.linkedin.com
pxdrop.lijit.com
r.casalemedia.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.ad.smaato.net
s.amazon-adsystem.com
s.thebrighttag.com
s.tribalfusion.com
s1.adform.net
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
srv.buysellads.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vap1ams1.lijit.com
visitor.omnitagjs.com
wheregoes.com
widget.nl3.eu.criteo.com
www.google.com
www.googletagservices.com
x.bidswitch.net
csync.loopme.me
pv.claudiepierlot.com
104.18.26.193
13.32.99.30
136.243.149.243
138.201.135.164
141.226.228.48
142.250.186.130
147.75.84.158
151.101.129.108
151.101.2.49
151.139.128.10
162.19.138.118
167.172.55.208
173.231.180.197
178.250.1.6
178.250.1.9
178.250.7.13
18.195.36.161
18.203.183.215
18.223.127.73
18.66.97.109
184.30.16.195
184.30.17.243
184.30.20.22
184.30.22.30
185.184.8.90
185.255.84.150
185.255.84.152
185.86.139.103
192.132.33.69
193.0.160.130
195.5.165.20
198.47.127.19
198.47.127.205
2.16.97.41
2.17.100.211
2.18.160.23
2001:678:cb4:bbbb::11
202.241.208.52
208.93.169.131
213.155.156.184
216.52.2.39
216.52.2.91
23.56.202.187
2600:1f18:1aca:4281:46cd:d9d2:4aa:c72b
2600:1f18:612b:4264:68e0:e587:d65a:6262
2600:9000:211e:5a00:1b:5138:8a40:93a1
2600:9000:21f3:2e00:8:48e:53c0:93a1
2600:9000:223f:4400:1f:4c18:bd40:93a1
2600:9000:2250:3400:a:e047:753:6381
2602:803:c003:200::27
2602:803:c004:200::140
2606:4700:10::ac43:266a
2606:4700:20::681a:bd1
2606:4700:3035::ac43:b70e
2606:4700::6810:5614
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700:e2::ac40:8820
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:80b::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::13
2a02:2638:d::a
2a02:fa8:8806:12::1400
2a05:d018:d29:3601:ad5e:1111:f66a:1a0c
3.123.197.153
3.124.248.207
3.126.137.99
3.229.235.214
3.33.220.150
3.75.62.37
3.77.133.205
34.102.146.192
34.102.163.6
34.107.148.139
34.111.113.62
34.111.129.221
34.111.131.239
34.117.157.22
34.120.135.53
34.203.47.197
34.255.244.27
34.98.64.218
35.186.154.107
35.186.193.173
35.204.74.118
35.244.174.68
37.157.2.247
37.157.4.28
37.157.5.84
37.157.6.232
37.252.171.85
46.228.174.117
51.89.9.254
52.18.182.246
52.206.108.195
52.210.15.1
52.210.204.82
52.213.146.58
52.28.188.58
52.30.209.60
52.44.35.59
52.46.130.91
52.48.217.22
52.48.219.162
52.6.12.102
54.229.198.137
64.202.112.223
64.202.112.31
64.227.64.62
67.220.228.201
69.166.1.35
69.173.144.138
69.173.144.139
69.192.160.219
76.223.111.18
77.245.57.72
8.18.47.7
8.2.110.24
8.43.72.98
80.77.87.166
82.145.213.8
85.114.159.93
85.215.5.31
89.149.192.197
98.98.134.242
0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
050bd28f1d417e64a7f778e8aee3cdf3ae7228f25938bd23f99ea1b144f8bb99
05e3ee484d9218df36cf506bf38524cf2b0cc5a264b999f73c05f67369a6c7f2
07b4dd66a4906c1952e58f15f366fc769604cc68de1bab05c2e66ccf1fee0d13
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a1d9d8eed5af68ed7ce830f43968deefcaa01a3a2fa146b156cc01f6e4a98
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0c661e7f23ac9a95df7a4502d2a9ca1991d7dca2ca78f3051fded813f52be0d9
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
117f6b29ec65cc4f9b2e4a332a027da5922d8329472de7383d794099ffccec6a
11ae8459907621edf2c5898c5afa0c057458cffdc77e0c2cb5888cfaa407382c
1309ba72d5c9831aca774eb6109704a740bf549ac2c57ff2c0fa84e6cf19acb4
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
19f4129c1cfc1a9fcb2e94b35853f3d2085c0807564e37971d1ccb6ef2a7e852
1ec6c3522fe5d80db629d1b09bba98f4aa174273c076f859cdebfacd7462e8e0
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
22d5adb4aa92453593af429c21328d550e7490b45f267736b3be9e40453bf73d
2566f2f20ba122f78d6713a1c25217fd221f65a98cda4dedea1571e2e5df19b3
25c3baff20dbf3e10fd2e154be8305c6938eea9b5c731d9b349a7d68fd90aa0c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29784b0cc4492436d85f588fadde4ca615be36ee7eb40a2d46b0b18145e20a31
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3077c047c7210f4e52a637ba10a8d5346ed72d4e29956c96aaa8f8aac58d440c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32f52745e61506ca010f4fc1a13e7e9d4573227b2cdc5c7387ad162ee7c78287
33d82dd723b361e07a2aeac917313242583a01304892e8fb200b81629cfcebd9
357cd27ea987a15d49dee9ca6c14a4ccce78ba1fd18ae1fa944f16e965771a5d
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
39ff16800bf346f4082a01da923a975ed32ca4668799351f9a0565bb6ae60ede
3aa2622c36b10aca22041aa223c3ca83485bc0960315082ba6d9f39e421cfb39
3cb3622b6557b22d2de98e3b81bc39fc15187883975047085caaddffcd9e369e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42a08a20d3a171ead1fea8a5d065b784974d5634f13ab2125b3568a54ef89f50
44be95c04f477cbdcfe207f468e0d9585410afa2dae9780b4724b901dde27b15
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
478fb79449576f5029971ec28cf9a3a0e95390532c44097880a76ac5a121a68f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d1ad36549feb2112e1554f65644c6a3a7002fb0e6df3e70367bdc50fcbbf2aa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550a15c8f075753296fd550f5b027074d1a5d25598662aca96aaf66780315a3d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55db6082181e4c06b223c95c6d00d3d9e3c4209a1c84986a9174df191d087440
55df28249e9431f2164f9299a5ccd7c04b5eaddf3b1051430e84a1591a0da5f1
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
59b2d4451bd86f17f029d927e5590c794f5f607eb3cde1e1a05730a8b9b36d2d
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5f6448b02da7a2e63221c29f10d7add252593f3641bfc50c85831797728c45bd
5fe46d2da01452067736578431f6c6e8116a24e616f58c72d9d81fdb2c7c9569
5ff73fe6f7e963b7135365d3a16efe8b55f9cf3eb11b9d52f86da81659645b24
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
633fb6fc9eac2448a9c6364dd9280446722fd2f97d57b478296cf93241c6f254
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d9d474af69f92fa56800d2b609676e225d16ab91b7b1be34ab5cb26c03d2799
6e7748d5e94af8f249839037fe6b4abafe14454c8166dfc76306986c043d5892
702b400f7d1227c5650a52afe52889f0e362ee0819d71819e466b12743e8d785
725a098f7894b715a53fb9f72ca66a11fcd0e63019c4aea06321ccddb31a25db
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7bdfa3ca3eeae333bd9b69361e3a92600924657de82e8af1a9bafa41f62c07a3
7c2869054ab20d21a4402a2a8ab8156e92a303aa39b364faabf9e4f05d344acb
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2
80a0cdfaa20288404accf54ea26023aae96afebfa31ee2286b68a243cf8ae625
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8437fb2e87772ecfdac5c13c4f439f1f02abb0488788bb73b5d13e75052a33f0
86dbc63d81fb93a0ede58136d7200a006dc8ca3f7a59732fe7bbed691a5e9d5b
89f1a26e9285d896961ede224587a8413356c85a8306f2cbf7f6f65fb84b4b88
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4db87c82b07834b82111af299301b5e6a8cb7b9c471de57d516629cc3c636c
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
905075eea3011ce158c460199e842421ba19f20ec8f450e7f6a2bdcb7382e7d0
91afdb71f29e4a91f6fb9ea0c5c9cdbe42d543c727ebf59f2039286cb1e434d8
91b2454391e727c213d26c21d87009357b86f57c4d0df7cc776cb1ffa4a0a84f
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94e49db8cea4f83ff9e99691dd53d3d263fe81df263260530f3695c58e26d31a
957518d200efbc154ab2fcd7c21032be4fa1877d3b1bd99893b540f672ca5a61
961fdbb67cdf65238a19d9332533c52cca1f3561583adf6b4101fe14778e9e33
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9350aa8e6bf4d9b69e0cef79f1fd74dc2c35c3e8906f81242982ebab2e7cb5
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e07e9e6737d3ca7929abfbb378d8d448ba21f5587f7ce66ffaec0037a83d96a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a132f16dea366dcce956b290ade0a3980fd04edf5f44e6dc74ce63d292fab7d2
a1345530debd90831e84a704862932626993c8cd5208f61269ffc6e7a979c9d2
a16b1c8e343db66aca819f0d4a5ef65ab1cb03866b669d70859eef3cc09c53b3
a22566da7a0823f65f1b5d7870e49d7d62bcf6e18dc2b0a2967a91c12610d600
a2c1629f9030c07ff27b3e2fb5bec958cb01972c4b54e21244ee572f3d5fb8c0
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a333394f451dfdea52bd13a18ea4390e128bf71686b93d0cc00d8b6b486b6533
a338579389359984e61301d6d35da25be4a831ab7fe46b257ff6d502896ad542
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
abc796e81da077504483a36e8619f2e6176d626c90eafa5355d55dd0db2ce33e
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
b117604cee9ddb73346c9f5a89d3dd2ac813ebf1c78fd8879e611c820c755bb0
b11d96b2b3b3072d0342ae1c5032333740b4b4442274ea7bbdba3079a036af49
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b144c61299dab14dbdb4a37256d24eed0f0e589c58f2355c4edc80e455cd5ae4
b206c4dae798a4c2463de84f9112ed6db30d5ae85de7dec6f03d9cd3cf999e33
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e
b53eec73ad80c42b6ade20cacc84d5a78112e7ffc7b041ca9722aa374a05e3bc
ba9f43fbd9c0782c72ff6eddd221abdcfd9642cd4625227ad693347e4d6989db
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbf2413b9511bb70a14ab3712ba3e2c2d8974e3253f209a613c15f4257fbdac4
be03c670531102ab7b80344b9398898dde6f284b9cb8e84e8a2569b029555ec2
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
c1bc8414718677f082a40ee0417063f559060ead523c35397e774da0f73edd60
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4e2051aa1f885fad9d822d587c15dbc0b9d9b1092e7d0f5b3704d5978b02dc2
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c6d8f1bb211f1cc56c2d65ef97b49e27407c581b9d030be87ed80788634b269a
c72f57881ea9665da29cc614802f61a04084e06b14de9f1d79ce26273e66a991
c746ca687b3e79023240e45eb684f036fd9a1312b454758a6018b3ece635dafb
c90dc4c988e0140b81f06aa8fe4ed755d1325363d3e4e72815236a6f49084312
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
ccebb3668d65d3268223556ecdbe14e98305dd0abeffe6308c75e7fb21188fc5
ce64bcfe9ba8ffbba45472e00164c51d7a641f19b128a0ad5b00c40a9bf8dd62
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfec84c962f77539fb8d96d25c849df27b3ccede7e886d183d235b3c9522c65f
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2
d742cb942c7e8e3523cd3fc982af9a1af5fc4ee46195a71872f56b4321fc0f95
d7a40dd1262874dff50f0dae4f76a4b91f016220bef6e1bb61370cb35fe7ca41
d7c65c8d0a56eb7b29edbb54b59ac57d88f821dd2c423ba7f5133e2685568e7e
d87bea78e77ea4fd4f52fb8891a478293ae260b94ce9ce07ce7d25f7cf0145f1
d9e688054b15255631726d14efb2aa3edaa72d1f079ad188d6faf157d0ec8e97
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1d9d0f38a2cbbe20407a21cb0595140433d84fecdfe4bac43077334b5283cbd
e2320b9366a9a7b7d13d22bd9395552806ca93ed82fda541eff30f69ee95e956
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67c428bfa187ecbca4fa7acff23c00662cb87b178171eb5f3d4f7714fb9449e
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9c2870dc8fc452d3461e6e0ef19b042bd50b21606c09c38ee6ca988ed8143d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02
f27d2c5f66b94230e004d6c66655d01a1cd15174edb43a04feced5daf4d5315f
f2d9960caa050ad22ee62aa63965eea086fa553fc633772a0332a46bca0e6f89
f36c7d76fdd5fe543f05e07db9ef6c2f3010bed4ab9960b6af9af269d75ecfaa
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68aa6b720665c1f9550df780eadcc7b0cfc9033bbbb383237b902428aafe2d4
fe90504915b170b3288816c9db44f14efdf6c636b696cb5af669e6bfc2e74516
ff2bab9d0d3f5679fa7864b03d61c4386056d106003d3b2e07d66062eb8aa7ba