wheregoes.com Open in urlscan Pro
2606:4700:3035::ac43:b70e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wheregoes.com/trace/20233268281/
Submission: On July 18 via manual (July 18th 2023, 3:25:51 am UTC) from HK — Scanned from DE

Summary HTTP 205 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 74 IPs in 8 countries across 69 domains to perform 205 HTTP transactions. The main IP is 2606:4700:3035::ac43:b70e, located in United States and belongs to CLOUDFLARENET, US. The main domain is wheregoes.com.
TLS certificate: Issued by GTS CA 1P5 on June 19th 2023. Valid for: 3 months.

This is the only time wheregoes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3035::ac43:b70e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e6:... 2606:4700:e6::ac40:c726	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	159.203.25.119 159.203.25.119	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
2	216.52.2.86 216.52.2.86	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
3	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 8	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
4	34.254.128.243 34.254.128.243	16509 (AMAZON-02) (AMAZON-02)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:1e00:a:e047:753:be1	() ()
1	99.81.215.196 99.81.215.196	16509 (AMAZON-02) (AMAZON-02)
2	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
5 8	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	72.246.169.246 72.246.169.246	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c004... 2602:803:c004:200::154	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
3 6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 5	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 3	52.94.222.140 52.94.222.140	16509 (AMAZON-02) (AMAZON-02)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:5ed0:634f:f490:f683	16509 (AMAZON-02) (AMAZON-02)
9	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.64.241.131 3.64.241.131	16509 (AMAZON-02) (AMAZON-02)
2	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.66.4.34 3.66.4.34	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.150 185.86.138.150	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.205.93.33 23.205.93.33	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
3	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
1	185.255.84.153 185.255.84.153	200271 (IGUANE-) (IGUANE-)
1 3	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.31.139.111 52.31.139.111	16509 (AMAZON-02) (AMAZON-02)
1 2	99.81.60.149 99.81.60.149	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.192.135.227 18.192.135.227	16509 (AMAZON-02) (AMAZON-02)
1	64.74.236.255 64.74.236.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4232:6002:dd61:700b:6e32	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	184.30.17.243 184.30.17.243	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.30.155.207 52.30.155.207	16509 (AMAZON-02) (AMAZON-02)
1	52.59.13.76 52.59.13.76	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	34.252.7.215 34.252.7.215	16509 (AMAZON-02) (AMAZON-02)
1	3.130.44.66 3.130.44.66	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.50 13.32.99.50	() ()
1	151.101.1.108 151.101.1.108	() ()
1	34.241.189.173 34.241.189.173	() ()
1 1	23.201.255.110 23.201.255.110	() ()
1	23.32.184.192 23.32.184.192	() ()
1	2600:9000:223... 2600:9000:223f:3800:1f:4c18:bd40:93a1	() ()
1	77.245.57.72 77.245.57.72	() ()
1	2606:2800:233... 2606:2800:233:f76:14f7:d635:25c4:c8d7	() ()
1 1	145.40.97.66 145.40.97.66	() ()
205	74

12 2606:4700:3035::ac43:b70e (United States)

ASN13335 (CLOUDFLARENET, US)

wheregoes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:c726 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.25.119 (Toronto, Canada)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-ca-to-1.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.172.123 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.254.128.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-128-243.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:1e00:a:e047:753:be1 (United States)

ASN- ()

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.215.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-215-196.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:d::d (France) 5 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 72.246.169.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::154 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

beacon-fra2.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.139 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.181.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.222.140 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:5ed0:634f:f490:f683 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.241.131 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-241-131.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.66.4.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-4-34.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.205.93.33 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-93-33.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.153 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.31.139.111 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-139-111.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.60.149 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-60-149.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.192.135.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-135-227.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:6002:dd61:700b:6e32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.155.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-155-207.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.13.76 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-13-76.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.7.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-7-215.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.130.44.66 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-44-66.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.50 (None, )

ASN- ()

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.189.173 (None, )

ASN- ()

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.201.255.110 (None, ) 1 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.184.192 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:3800:1f:4c18:bd40:93a1 (None, )

ASN- ()

cs-rtb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (None, )

ASN- ()

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:f76:14f7:d635:25c4:c8d7 (None, )

ASN- ()

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.40.97.66 (None, ) 1 redirects

ASN- ()

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	criteo.net static.criteo.net — Cisco Umbrella Rank: 568 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 7998 csm.eu.criteo.net — Cisco Umbrella Rank: 7838	231 KB
21	rubiconproject.com 8 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 552 eus.rubiconproject.com — Cisco Umbrella Rank: 616 beacon-fra2.rubiconproject.com — Cisco Umbrella Rank: 10336 pixel.rubiconproject.com — Cisco Umbrella Rank: 374 token.rubiconproject.com — Cisco Umbrella Rank: 652 secure-assets.rubiconproject.com pixel-us-east.rubiconproject.com Failed	41 KB
16	googlesyndication.com 30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 135	153 KB
16	criteo.com 5 redirects bidder.criteo.com — Cisco Umbrella Rank: 719 gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102 ads.eu.criteo.com — Cisco Umbrella Rank: 7742 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9055 widget.nl3.eu.criteo.com — Cisco Umbrella Rank: 17666 dis.criteo.com — Cisco Umbrella Rank: 608	69 KB
13	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	154 KB
12	wheregoes.com wheregoes.com	158 KB
9	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 257 secure.adnxs.com — Cisco Umbrella Rank: 469 acdn.adnxs.com	27 KB
6	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 333 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1025	4 KB
5	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 3004 public.servenobid.com	6 KB
4	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481 ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	798 B
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	196 KB
3	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1573 ssum-sec.casalemedia.com dsum-sec.casalemedia.com Failed	4 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	26 KB
3	media.net prebid.media.net — Cisco Umbrella Rank: 1429 contextual.media.net — Cisco Umbrella Rank: 675 c21lg-d.media.net Failed	10 KB
3	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 857	361 B
3	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 10642	7 KB
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 797 ads.pubmatic.com image6.pubmatic.com Failed	6 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 670	876 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	2 KB
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 566	723 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	529 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1002 bcp.crwdcntrl.net — Cisco Umbrella Rank: 959	12 KB
2	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3835 visitor.omnitagjs.com — Cisco Umbrella Rank: 1006	2 KB
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 782	677 B
2	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 22022	145 KB
1	a-mo.net 1 redirects prebid.a-mo.net	138 B
1	technoratimedia.com ad-cdn.technoratimedia.com sync.technoratimedia.com Failed	6 KB
1	adkernel.com sync.adkernel.com	160 B
1	minutemedia-prebid.com cs-rtb.minutemedia-prebid.com	526 B
1	gumgum.com g2.gumgum.com	2 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2046	267 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 620	338 B
1	google.com www.google.com — Cisco Umbrella Rank: 10	1 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 6861	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2245	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3886	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 26095	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2505	400 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 778	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1226	880 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2951	274 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1276	164 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 422	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2136	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1321	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623 ssbsync.smartadserver.com Failed	163 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 359	146 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 414	649 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	5 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	878 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 22106	693 B
0	creativecdn.com Failed creativecdn.com Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
0	socdm.com Failed tg.socdm.com Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	contextweb.com Failed bh.contextweb.com Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	deepintent.com Failed match.deepintent.com Failed
0	ipredictive.com Failed sync.ipredictive.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	openx.net Failed us-u.openx.net Failed
0	adgrx.com Failed cm.adgrx.com Failed
0	simpli.fi Failed um.simpli.fi Failed
0	disqus.com Failed ssp.disqus.com Failed
0	sonobi.com Failed sync.go.sonobi.com Failed
0	rfihub.com Failed p.rfihub.com Failed
0	turn.com Failed ad.turn.com Failed
0	yellowblue.io Failed cs-server-s2s.yellowblue.io Failed
205	69

	Domain	Requested by
14	static.criteo.net	securepubads.g.doubleclick.net ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net cdn4.buysellads.net
12	wheregoes.com	wheregoes.com
9	imageproxy.eu.criteo.net	ads.eu.criteo.com
8	gum.criteo.com	5 redirects static.criteo.net secure.adnxs.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net wheregoes.com 30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net 30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com tpc.googlesyndication.com
6	pixel.rubiconproject.com	3 redirects wheregoes.com ads.eu.criteo.com
6	eus.rubiconproject.com	wheregoes.com eus.rubiconproject.com cdn4.buysellads.net public.servenobid.com
5	cm.g.doubleclick.net	3 redirects wheregoes.com g2.gumgum.com
4	token.rubiconproject.com	4 redirects
4	secure.adnxs.com	1 redirects 30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com secure.adnxs.com ads.eu.criteo.com g2.gumgum.com
4	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com ssum-sec.casalemedia.com g2.gumgum.com
4	ib.adnxs.com	2 redirects cdn4.buysellads.net acdn.adnxs.com
4	www.googletagservices.com	cdn4.buysellads.net securepubads.g.doubleclick.net 30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com
3	ups.analytics.yahoo.com	ads.eu.criteo.com public.servenobid.com
3	aax-eu.amazon-adsystem.com	2 redirects
3	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
3	onetag-sys.com	cdn4.buysellads.net public.servenobid.com
3	fastlane.rubiconproject.com	cdn4.buysellads.net
3	api.fouanalytics.com	wheregoes.com api.fouanalytics.com
2	ad.360yield.com	1 redirects g2.gumgum.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	match.sharethrough.com	ads.eu.criteo.com public.servenobid.com
2	contextual.media.net	ads.eu.criteo.com cdn4.buysellads.net
2	dis.criteo.com	ads.eu.criteo.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	match.adsrvr.org	wheregoes.com ssum-sec.casalemedia.com g2.gumgum.com
2	mug.criteo.com	wheregoes.com
2	30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	id5-sync.com	cdn.id5-sync.com ads.eu.criteo.com
2	ap.lijit.com	cdn4.buysellads.net public.servenobid.com
2	cdn4.buysellads.net	wheregoes.com
1	prebid.a-mo.net	1 redirects
1	ad-cdn.technoratimedia.com	public.servenobid.com
1	sync.adkernel.com	public.servenobid.com
1	cs-rtb.minutemedia-prebid.com	public.servenobid.com
1	ads.pubmatic.com	public.servenobid.com g2.gumgum.com
1	secure-assets.rubiconproject.com	1 redirects g2.gumgum.com
1	ssum-sec.casalemedia.com	public.servenobid.com ssum-sec.casalemedia.com g2.gumgum.com
1	g2.gumgum.com	public.servenobid.com
1	acdn.adnxs.com	cdn4.buysellads.net
1	public.servenobid.com	cdn4.buysellads.net
1	s.thebrighttag.com
1	beacon.krxd.net
1	www.google.com	tpc.googlesyndication.com
1	e1.emxdgt.com	ads.eu.criteo.com
1	sync-criteo.ads.yieldmo.com	ads.eu.criteo.com
1	ad.yieldlab.net	ads.eu.criteo.com
1	a.twiago.com	ads.eu.criteo.com
1	criteo-partners.tremorhub.com	ads.eu.criteo.com
1	simage2.pubmatic.com	ads.eu.criteo.com
1	sync.outbrain.com	ads.eu.criteo.com g2.gumgum.com
1	exchange.mediavine.com	ads.eu.criteo.com
1	matching.ivitrack.com	ads.eu.criteo.com
1	visitor.omnitagjs.com	ads.eu.criteo.com
1	cm.adform.net	ads.eu.criteo.com
1	eb2.3lift.com	ads.eu.criteo.com
1	criteo-sync.teads.tv	ads.eu.criteo.com
1	sync-t1.taboola.com	ads.eu.criteo.com
1	rtb-csync.smartadserver.com	ads.eu.criteo.com
1	x.bidswitch.net	ads.eu.criteo.com g2.gumgum.com
1	pr-bh.ybp.yahoo.com	1 redirects g2.gumgum.com
1	px.ads.linkedin.com	wheregoes.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	widget.nl3.eu.criteo.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	beacon-fra2.rubiconproject.com	wheregoes.com
1	ads.eu.criteo.com	wheregoes.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	prebid.media.net	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
0	pixel-us-east.rubiconproject.com Failed	eus.rubiconproject.com
0	creativecdn.com Failed	g2.gumgum.com
0	cs.admanmedia.com Failed	g2.gumgum.com
0	tg.socdm.com Failed	g2.gumgum.com
0	sync-tm.everesttech.net Failed	g2.gumgum.com
0	bh.contextweb.com Failed	g2.gumgum.com
0	b1sync.zemanta.com Failed	g2.gumgum.com
0	match.deepintent.com Failed	g2.gumgum.com
0	sync.ipredictive.com Failed	g2.gumgum.com
0	sync.srv.stackadapt.com Failed	g2.gumgum.com
0	us-u.openx.net Failed	g2.gumgum.com
0	image6.pubmatic.com Failed	ads.pubmatic.com
0	sync.technoratimedia.com Failed	public.servenobid.com g2.gumgum.com
0	cm.adgrx.com Failed	ssum-sec.casalemedia.com
0	um.simpli.fi Failed	ssum-sec.casalemedia.com
0	dsum-sec.casalemedia.com Failed	ssum-sec.casalemedia.com
0	ssp.disqus.com Failed	public.servenobid.com
0	sync.go.sonobi.com Failed	public.servenobid.com
0	p.rfihub.com Failed	public.servenobid.com
0	ad.turn.com Failed	public.servenobid.com
0	cs-server-s2s.yellowblue.io Failed	public.servenobid.com
0	ssbsync.smartadserver.com Failed	public.servenobid.com ssum-sec.casalemedia.com g2.gumgum.com
0	c21lg-d.media.net Failed	contextual.media.net
205	102

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
wheregoes.com GTS CA 1P5	`2023-06-19` - `2023-09-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-09` - `2023-10-09`	a year	crt.sh
cdn4.buysellads.net R3	`2023-05-22` - `2023-08-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-25` - `2024-06-24`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-07-05` - `2023-10-03`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-18` - `2023-08-18`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-07` - `2023-08-30`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
itm.ivitrack.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-05`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.minutemedia-prebid.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.technoratimedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh

This page contains 37 frames:

Primary Page: https://wheregoes.com/trace/20233268281/
Frame ID: 1C49FFE34137E7B6C8F338F5D9628002
Requests: 43 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=wheregoes.com
Frame ID: A44E79204DC487ACA297076A730C28F9
Requests: 2 HTTP requests in this frame

Frame: https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A06F46E5D32574A10F704AF88BED3D7C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUoVmnFFHje8aGcdajGRVoeUqcUrsVKuMLJxfvjh4b4UiJK-A534qc1voJwFNSKpybYgzJlCRYeRQ_xH7dMnrupW3icbwkJF0ORABHr3g3hdz1uY3z5Wh9hCUanIlfvpEx4IMMEkdQawDrRnlUiCXe1oS03EkbCt1cUQZuxW1Mf6Uh7JZ1XOqo3Q_Z-XIFuU2-G6V73rl_IFc9sL_daqqq4cHy6JaYtkHhK57gT7j-IJrcOlShNndUnWBQ313si8uBidbqA1PJQWKE8vp9xuEbsxfhM-p2zNsrpHpQoeVJbOrgnzDd7aaafF7rlGr5LeFKSZoFOyQggJXK994P7xvRXqlUzmU41uxe&sai=AMfl-YTNK-jQ15N3Uz5DWgD9TSYafSoMGVXJMS7hkVPNyzMeiGsPK5YNxIgujgK2SxCAxrdILKj9wFzsvcWCoA6QqWzxX5mr1ahOt89KIDGjpGp_aCoAVv5nPMlIBTZ8QFm5uNJzyplRh93tFQz2xBc&sig=Cg0ArKJSzIfvSrrb5mo3EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 2421C6CBA41DB60CD9B12FCF882B4685
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveYqvgCahGBrxjvvy3VqhLELYWzrwfuxGND23sTCLwGNLcPke1BHKVws_z_xI5OImo8jfL2hMa7eJxcv5vbf-hOuqknQWbCqmA2CbRGj7a5o5UOfArAweZ_TJzbJERsexFLMVcFkd5QfMFGx5pTxG8ZtODd9UbeOZFYJL5RGrRRnq7hucIQ6nBoVS_nc8SwbtGZAflLgikzpDNeCT8Kv8DqBDReQM_Ir9lK3MBRk-23Hb2nnhUXrSJPv38K0O9gGkurEwrRZTyguiA66seg19c-vHzhVHud5GyQl6WCl92e0m0mq99_57RY9mFfDoCIz5EwT9y6XYKDjBgBbeqnOwYHkDyWw&sai=AMfl-YQ94qQLbmgCg30oBGkw_sYqo5pU2fwoVsbF0vI3bV2k1trpDGXMlGSMVmTDRMaCKMVv--2-KwkpA49pmO59hF3jKjK06ZWQ7KyC8xIavfar9tAdBEjmM0P2rZk4Lfiiru5UUy3qNhRlzkkyZWQ&sig=Cg0ArKJSzCBqF9cVYp8aEAE&uach_m=[UACH]&adurl=
Frame ID: 2A721E9B48F86B3BE50E7C29A46A9457
Requests: 8 HTTP requests in this frame

Frame: https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F4D47892C32423C8AE50D34C8DAF4614
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Frame ID: A54796D11489F195632BF91422AC38C8
Requests: 25 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 0B7FED60ECFBC18A7C46C8D49E8E3459
Requests: 10 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=7944&cb=64b6063a3dff5bb14757581ff050afa3&r=https%3a%2f%2fwheregoes.com%2f&crossorigin=false
Frame ID: 860D64A004033F5533C112261E4EAE1E
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-F-xpTYUPKEXj2VxP1UaMnq8IcHDvAsgsACJaZA&expires=30
Frame ID: C08B5AD08C16382C8F6067789AA20FD6
Requests: 29 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D4447F72440A29C2B7376C27BEF0BEA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C2E288FB54CF59A8090DAFF3D1002F8C
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wheregoes.com
Frame ID: 524866398BFB11D2BECF87FB4ADEE2A3
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: E6D2BC2925ED4C2E9B62C9F13E1BB6FF
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 096CF3B089057FE209A8D247E891ED29
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1689650747407
Frame ID: B37A4E388BFEF41A2305763B6A36F8D0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5E330C8CCA6F0626042857CC141027F1
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: F67169E71C7A7EC49508405872FF2B1B
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: D81872ECF2B7C7115642814D6BF1707B
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 7E5A4D647C265C26A3B1D3CFCF32A11E
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 1174291764A61FA85F36DE3F0811FB77
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 1593A95B21CA311FCA45080852C1C4FD
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: FD2EC14475A27A4E4AA87A58F5641F99
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: BBA90B7A3C47771BD62E87CC5264CCC4
Requests: 2 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: F053B8A53300AAC3DB1AE7AE2A949BE8
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: B7D7CE464CF267FFC4A56894E051623D
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: E15C8A877A2D0D66EF73BE7596C86C7E
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Frame ID: 4108D0D19FB99F463CC1B722F8E19B68
Requests: 2 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 92FB82AC662EAD7E919169328AB29932
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9mZGQ0MGJmZi00M2JkLTQ2NTItOTBlOC1mMDNmMmQxZGMyNjU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 7ACF9DD594D2F13CEA79395AED75610C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: A732EF42DB237971C33514E7238D03A0
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 5CEF42A32F3B8E3F125BEE2D3691C40B
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 45874F24A429FABA4081080DD961FB73
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_fdd40bff-43bd-4652-90e8-f03f2d1dc265&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: DAEAE3BF2C4014A3632AF2DCE4F61946
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 0AACFBF2A5D94257D056822047262C46
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: 86C0C838C9943527B07EACD7FFBF43F1
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
Frame ID: 49F9EBBD576AAAB87EE7D9990060651C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trace Results | WhereGoes

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

<form [^>]*id="mc-embedded-subscribe-form"
<form [^>]*name="mc-embedded-subscribe-form"

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

205
Requests

70 %
HTTPS

32 %
IPv6

69
Domains

102
Subdomains

74
IPs

8
Countries

1281 kB
Transfer

3298 kB
Size

44
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/WhereGoes_com
Title: Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://gum.criteo.com/sid/json?origin=publishertagids&domain=wheregoes.com&sn=ChromeSyncframe&so=0&topUrl=wheregoes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=ur7-ZXw1MHh3QXR6bTh3K1hCNXZwRmpsUjd3SVBQWWR2UklDd0hXc29pdEpRV3VRemQvekJpYUV5czJIKytMSWJVNXZ1c2Fpb2ptSDNCVkRMMHRiSWJXdk9QdkJseGZuWTRvUWNKVzhaRlVDcW4zSjJzZ2tvRVdDckZYeTdXcmVWbHFmU25EZXlOYi9xeTd6YkNjVE9MY0hRUGFMNUV5dE1BOXZTelRGVWFIcFJhTmd4OVp4cURxdHRwS2t3QU95OGNZR3V6eUZrNUZHTnJTaFJkeG5NTjlFK0dyWXpRREVGQlB5WHdlMFh2YklFdEdTRDBFMHBsM2V5U2dQOEtlNUlOcVNTMWlZVXltenZnak9pZWc2bmVocXVDOTJ5cDVXZUpqTHFpQVE4bFdONmJRST18&cppv=2

Request Chain 54

https://secure.adnxs.com/ttj?id=18678115&size=300x250&cb=1590098768&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstg3UuW0H0E9JKB7Ew8g4FHmHE-ycPkqDrWlaPFRVpfSizdq-wPumBlK2o8L6ZerwHRjiPS7NYstKDHZ_492Q1JbWUEVfNxJCZnBAzmMOe0153I7P91XZs5oUtorJiZ3sFYIhMBMxAi4HzJa2OjkQcYVevov0p98enZtAp45XLpzrQN8FalS4D8lx2lX8PcQgI6L3vGOsj4byHRHVvN6x1k7tRdPX5AK3eftO8GUt_I3Cyxf4G4U_k99QAnNnHEJ1KFE4n3HoV7ZgpHz7xmfAMWRu0K1De40QOn0VAtDfvokgwi6S561bgdFJ8q_E4qN6uh__tl9IFZFtc6UEyi9Xu4sE97TfLIiQw%2526sai%253DAMfl-YTBLnhA1r7kksuARX3nbGbj7n_UyDrlN6_xFmO7pppKBvpeaEB-FDAhVLx0RNEPW-SjBGSJ1-bJIjLsE6VZxK4lrPH3Oz07OuF__yTE4qABdgu7wvwaEE-I7CYOFMdQMGv2mzWpHEXKiDfSBZE%2526sig%253DCg0ArKJSzLJdONAqXETIEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D HTTP 307
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D300x250%26cb%3D1590098768%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjstg3UuW0H0E9JKB7Ew8g4FHmHE-ycPkqDrWlaPFRVpfSizdq-wPumBlK2o8L6ZerwHRjiPS7NYstKDHZ_492Q1JbWUEVfNxJCZnBAzmMOe0153I7P91XZs5oUtorJiZ3sFYIhMBMxAi4HzJa2OjkQcYVevov0p98enZtAp45XLpzrQN8FalS4D8lx2lX8PcQgI6L3vGOsj4byHRHVvN6x1k7tRdPX5AK3eftO8GUt_I3Cyxf4G4U_k99QAnNnHEJ1KFE4n3HoV7ZgpHz7xmfAMWRu0K1De40QOn0VAtDfvokgwi6S561bgdFJ8q_E4qN6uh__tl9IFZFtc6UEyi9Xu4sE97TfLIiQw%252526sai%25253DAMfl-YTBLnhA1r7kksuARX3nbGbj7n_UyDrlN6_xFmO7pppKBvpeaEB-FDAhVLx0RNEPW-SjBGSJ1-bJIjLsE6VZxK4lrPH3Oz07OuF__yTE4qABdgu7wvwaEE-I7CYOFMdQMGv2mzWpHEXKiDfSBZE%252526sig%25253DCg0ArKJSzLJdONAqXETIEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D

Request Chain 72

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QqvlZ-w2TLy312zfjwDy7w&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QqvlZ-w2TLy312zfjwDy7w

Request Chain 73

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK7QFGO4-19-21Z2

Request Chain 74

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEs3UUZHTzQtMTktMjFaMg== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHA4AZp7jAhZ8qZAxlQ5pvw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs3UUZHTzQtMTktMjFaMg==&google_push=

Request Chain 75

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTc3MmQyNjVjN2Q1NGUyOGMxMmRiYmVkZGFiY2EyMThkZDk2Mjc5Zg

Request Chain 76

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8VketnEdQn6SjexpF_I35A&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8VketnEdQn6SjexpF_I35A

Request Chain 78

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/J1M0nSX2l3T6w_o9Qn8oDcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-9U25.QJE2oLH3gnwx6aIaxMMbEuZTGHcQ_xCLw--~A

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB74sAlXCm10y48HvDZ3W-s&google_cver=1

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-7RQubIUPKEXj2VxP1UaMnq8IcHBt0kH40dS2Kg&google_cm&google_hm=ay03UlF1YklVUEtFWGoyVnhQMVVhTW5xOEljSEJ0MGtINDBkUzJLZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7RQubIUPKEXj2VxP1UaMnq8IcHBt0kH40dS2Kg&google_gid=CAESEDdO9dWIoZmtw67zyItvNko&google_cver=1&google_ula=913071,0

Request Chain 96

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3380780347506052618

Request Chain 108

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TSDOsIUPKEXj2VxP1UaMnq8IcHCTadKW01XDGA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TSDOsIUPKEXj2VxP1UaMnq8IcHCTadKW01XDGA&C=1

Request Chain 109

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=O7xRnsFvF7L-AvkVgKMKPxwBxENv1utE HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=O7xRnsFvF7L-AvkVgKMKPxwBxENv1utE

Request Chain 111

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-9PyplIUPKEXj2VxP1UaMnq8IcHABz2ruWflovA HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-9PyplIUPKEXj2VxP1UaMnq8IcHABz2ruWflovA

Request Chain 130

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=5TXcSeY_cEvnDe5DbylbOgwBzbREpnpd

Request Chain 135

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=2L2jf7ErVT7cAPKHD73ovwFL4djuVw8w

Request Chain 141

https://gum.criteo.com/sid/json?origin=publishertag&domain=wheregoes.com&sn=ChromeSyncframe&so=3&topUrl=wheregoes.com&bundle=UBIGj19QZW1NbEhIZlpjJTJCTlh2bjFGQ0hteDl6SWRVc0hROXk4NGxxVGlyck5mTHdsVTVUd3VZcFFBWmFCYm51N2doMTZqM3FiYnNPVVBXbWpGbyUyRmxaNnJpNjU4OCUyQmhxazJiNkg0YlVkb0cxam9odkplSWxFUG16S2JMcDl3bnlKZnRTVFY0UXhnciUyQm54d0lMVXZOYyUyRjl6d1NnJTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=NTi5CHwwdVpXNnJyQVVSemRTTEN5V3Z0VTVzMnFmeWkwSlJOeFNTd1pHR1ZHSncyd3J4NEMvajhWa3VuckxPZ0RLck5YZUZIeHc2T3AxZTBvUGkwR2g1cmRqMXhtRXBtdXV3Vk1wUWRlSDFsWWFqTUNFWlNDdGoxMG9jR0lKU2h2WU1NQjNKd2c4WkVFSWIvVWZiMVlPc2l6b0NoOTdXR3hSYUh2K2x5ckxwd3ZVVTkyVUJsYXVGdmxKYm9XVHpGeFNEY2crYTF5cUF2dktad0NuZG1TS0VDN3kvL2diOTBuMktKKzNYUzlTUGtFNnVVRmlsSi9KRFZEblJpWTRQWFNVQnk0V3lCOGY3YjRIUFUvUTZYSGUxTHZRWUNJdkNuc2I0azltcERFbEE5ck1ZND18&cppv=2

Request Chain 153

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 159

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=3380780347506052618

Request Chain 160

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=G_8NvRZHDIDuFAniTo6sA3x8

Request Chain 162

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1689650750868 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=3937440427

Request Chain 165

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=

Request Chain 170

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 174

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLYGPDb-j6u7J1NNf_6TWgAAFFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN2xHjLZg7x6kVWsA-zT2gE&google_cver=1

Request Chain 177

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3380780347506052618

205 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wheregoes.com/trace/20233268281/ 15 KB
5 KB 223ms
136ms Document
text/html 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/trace/20233268281/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbac5b873b97dc6ecf39dd6ef9f6272800973449b21f7de8eb524e2cbf12444b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e879e896ba218cf-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 18 Jul 2023 03:25:45 GMT
fastcgi-cache: HIT
link: <https://wheregoes.com/?p=19>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52kZGZiGJBhP7D1Uz8125lvFbHF9VgKBcDku8XSm0OPkGoPg5%2FHK6e4b16QcTMUnl0Bdg2icCVNuFA%2BPs%2By2UHJRyDzcmrwKO8qT1%2BtMRSsaCRruojPAvxrur5j%2FkFihw6skltMJHRHthT9j"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 autoptimize_5f69003b2a86aebf8c5894bb6876876e.css
wheregoes.com/c/cache/autoptimize/css/ 238 KB
85 KB 59ms
55ms Stylesheet
text/css 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2f37a5d48012b60d0912d3469d5d2e1557238e8b91695dbdfa4abf4519aae6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20233268281/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5786190
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 20:53:53 GMT
server: cloudflare
etag: W/"642ddfe1-3b648"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JmQbJU4IfEkHwlCjaWzLnodZXIDtBT8tb3gdPnhIC7wligU2dCp8qVIZVRAeP8oShjvVXQH6eWzQfj5OWevJ%2FPapEPPIhKX8QoFzaJkffC3STXrU2AL8Miqu3mUu5dgW8AGGFtV6dJ27Spk"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e879e8a6c4218cf-FRA
expires: Thu, 04 Apr 2024 20:54:00 GMT

GET
H2 200 jquery.min.js Show response
wheregoes.com/wp-includes/js/jquery/ 88 KB
32 KB 41ms
37ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/jquery/jquery.min.js?ver=202307180384

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20233268281/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1040
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 20:53:50 GMT
server: cloudflare
etag: W/"642ddfde-15ed7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zsZ5EFJt%2FUl3a4Ab6iU%2Fhdct6vDN68HOw483AqRhxqRkwyyXWrJAMxVnc7ndn%2Fv9FPUYIuw9Nhlo8qmNdhM3V7V%2BUdKH9vsOIpEGRJn5TwV9%2BtjC%2BJithyH2K4qWPVMiXAChh5IiNRS91E%2FV"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e879e8a6c4418cf-FRA
expires: Wed, 17 Jul 2024 03:00:13 GMT

GET
H2 200 jquery-migrate.min.js Show response
wheregoes.com/wp-includes/js/jquery/ 13 KB
5 KB 71ms
68ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=202307180384

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20233268281/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1040
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 20:53:50 GMT
server: cloudflare
etag: W/"642ddfde-3470"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbX4o04miHmUetpb3S4dpGpIZoDgy9eVx4%2BrJ1rFqt%2B6bjPl1glj%2Fno4j2GSpTnWE7G6kh%2BAccb19xCtn8e%2BSdElXsDSHAbr6wYX0Xum0%2Bcn3GWxwN4q6hTba5biSSqLCLu9aK1hLj3tcxGt"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e879e8a6c4518cf-FRA
expires: Wed, 17 Jul 2024 03:00:13 GMT

GET
H3 200 script.js Show response
wheregoes.com/js/ 1 KB
1 KB 129ms
129ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/js/script.js

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20233268281/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 885
x-cache: EXPIRED
cdn-cachedat: 07/18/2023 02:24:11
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.1.5
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 18 Jul 2023 02:58:05 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIjOLA9yGO5%2Fe1okszOwfKE%2FNng8XEGXRuZxzJHuG2wdjqxVgUBQYjlTZb0g6hVUO1H5Q97%2BajrEMAq5eLzsq2TzZuVYQwEUoLVf0HwizJRHzk4Xg93MLaz4B2GAgOJK9p5Dir3qeeykC3lr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, max-age=14400
permissions-policy: interest-cohort=()
cdn-requestid: 6b2d7b17a9db8e167bb13aeccd5842c1
cf-ray: 7e879e8afddb1981-FRA
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 init-1144pc80p2fur20uadwq.js Show response
api.fouanalytics.com/api/ 318 B
745 B 285ms
206ms Script
text/javascript 2606:4700:e6::ac40:c726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68a66c21da9455c2be6c1f0f2e5b5c8e599051932644eb2345321a0b94a16b43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:46 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MafcDgoTlxmRUPzVv9p%2BEk9BMz00dYpSGodFml6L2VnMOu7FRn%2F8Wxqv%2BRsCMYvb4i2X35Gqzc8tt%2BKAL6%2Fu%2FxypxZtmHWSUdTBv8UO9mqFxIQdi%2BNd48jVBjhmpzDSBEAbKSWF1UqtzXYSwhIXNEP%2B3pw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7e879e8b89409162-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 index.js Show response
wheregoes.com/c/p/contact-form-7/includes/swv/js/ 10 KB
3 KB 50ms
48ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/p/contact-form-7/includes/swv/js/index.js?ver=202307180384

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20233268281/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1040
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 31 May 2023 14:04:21 GMT
server: cloudflare
etag: W/"647753e5-2801"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHgpFhxrgC%2FCqYNiV%2FcJ5E5dmyhCChJhnahRblK7axPVzlZenxTLoyQUGY8K0NpGZ3nPnLtgY9iwsw4WWk9H3VseGu96M0MgQ%2FGx5%2B7FRILeL%2FflOEZZ%2FMgNbKogQhI4xU2LuLW2HZqzO4WQ"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e879e8a6c4618cf-FRA
expires: Wed, 17 Jul 2024 03:00:13 GMT

GET
H2 200 index.js Show response
wheregoes.com/c/p/contact-form-7/includes/js/ 13 KB
4 KB 54ms
51ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/p/contact-form-7/includes/js/index.js?ver=202307180384

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20233268281/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1040
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 31 May 2023 14:04:21 GMT
server: cloudflare
etag: W/"647753e5-328f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BirtjV%2FYa9hrxI1%2BIUG8X5rsTv%2BiKh5tzPYeX4mQpjzdQOicaXpfbS8A4APgJYdVfUKVRkqI1m%2FxiplyGtqwB8wb3ikqffXrSPAg6VXSWMeBXVtXZmt4wdi%2F20kUO75SM%2BMWHIwaVw%2B%2Bc23g"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e879e8a6c4918cf-FRA
expires: Wed, 17 Jul 2024 03:00:13 GMT

GET
H2 200 main.js Show response
wheregoes.com/c/themes/custom-theme/dist/js/ 5 KB
2 KB 71ms
69ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/themes/custom-theme/dist/js/main.js?ver=202307180384

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19f4129c1cfc1a9fcb2e94b35853f3d2085c0807564e37971d1ccb6ef2a7e852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20233268281/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1040
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Feb 2023 20:32:40 GMT
server: cloudflare
etag: W/"63e55868-1464"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1u8YUVQk6DOm3jx7QmUe6cxCz1N61dpZUrlpDxAX2qxEAcuGBcCYLS2uGNtgcmIQV4cnTD5%2FpqYr6D%2F%2FelY2%2Fi%2F1ROWilGHnnymfcaPI9krCQrkjF68nh1I6GyNio1KAEK%2FZ0fV%2FFqJTKBR3"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e879e8a6c4a18cf-FRA
expires: Wed, 17 Jul 2024 03:00:13 GMT

GET
H3 200 wp-emoji-release.min.js Show response
wheregoes.com/wp-includes/js/ 18 KB
5 KB 132ms
132ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/wp-emoji-release.min.js?ver=202307180384

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20233268281/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 20:53:50 GMT
server: cloudflare
etag: W/"642ddfde-4904"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OL2ieEacEgQH9saMJfm%2Fpo12oAWuRuhMhaWewnhEZT4w7Co82AAjbG5BgrZFnq4Ob9iSb1D3uIEdklXB2sDEdVHZsEJfR81%2FVRdlZWJOs3GqQExi0ImhqPoWrHfg47nYBw0JW3R4LtDrBiK9"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e879e8b4e1d1981-FRA
expires: Wed, 17 Jul 2024 03:00:14 GMT

GET
H2 200 wheregoes.js Show response
cdn4.buysellads.net/pub/ 474 KB
136 KB 360ms
243ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 0d5c9372f49bca9aff967d0ffeeba09afc8d5969e4bd355ddde01ebda2a1c0c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:46 GMT
content-encoding: gzip
last-modified: Tue, 18 Jul 2023 03:12:34 GMT
server: AmazonS3
x-amz-request-id: J56HP613HEZKEPNW
etag: "12eabf9850c3fb133c3762bc5c4b95d5"
x-amz-server-side-encryption: AES256
x-hw: 1689650746.cds271.fr8.hn,1689650746.cds334.fr8.sc,1689650746.cds334.fr8.p
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-id-2: Trpt/RVxkQdXIkco3eKhI5e+llHbRZoERETspv8WEuhoBlijtLzmusuK6gjbUGu17UGsVb035gL2vhEFtgUfeA==

GET
H3 200 logo-h-blue.svg
wheregoes.com/c/themes/custom-theme/img/ 15 KB
6 KB 42ms
42ms Image
image/svg+xml 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheregoes.com/c/themes/custom-theme/img/logo-h-blue.svg

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13665329
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 11 Apr 2021 19:20:03 GMT
server: cloudflare
etag: W/"60734be3-3afa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMVKGqc%2BbcDroQgK8e6ACkDcahs6x1QPZo1KHip1sjBAFwl9Vu3WObPGr9cN8cakrPXCn2B0IKnyxvqKsbnyorQy9gkEI97ZyEEE94iCeFs5J%2BG5mZYcfq%2F%2FLKkrOApB%2BgO7ZK85sLBMyes2"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e879e8b5e2a1981-FRA
expires: Fri, 09 Feb 2024 21:14:10 GMT

GET
H3 200 wheregoes.woff2
wheregoes.com/c/themes/custom-theme/fonts/ 8 KB
8 KB 43ms
42ms Font
font/woff2 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wheregoes.com/c/themes/custom-theme/fonts/wheregoes.woff2?90359859
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b

Request headers

Referer: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css
Origin: https://wheregoes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 239532
alt-svc: h3=":443"; ma=86400
content-length: 8024
last-modified: Fri, 18 Jun 2021 18:52:37 GMT
server: cloudflare
etag: "60cceb75-1f58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyjBkBbPlUhTt59jhdaB0BjFi%2FfyepNFCb0YiOerKYVgAF9YcWvzp%2BLMbuFGVVXmrRZg3nfaUgO8Zw3pPppTPmKl1Gvzki5FCy2w0AA0aDjr%2FORj67upmUNyQMXSSwnJ1zODdXxZFIe4N1US"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7e879e8b5e2e1981-FRA
expires: Fri, 09 Feb 2024 21:14:10 GMT

POST
H3 202 event Show response
wheregoes.com/api/ 2 B
769 B 275ms
275ms XHR
text/plain 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/api/event

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/js/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wheregoes.com/trace/20233268281/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Jul 2023 03:25:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 885
cdn-cachedat: 07/18/2023 03:25:46
cdn-pullzone: 682664
application: 10.0.1.5
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: F3LYZtBs4wkS-_VdC9CB
cdn-proxyver: 1.03
cdn-requestpullcode: 202
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUPB0Xv6EihCYp%2F9OTocVX2%2FCiQRpjpTOww2QKVC5tKJfqlwiUNHw1EGPhTQPgiI%2BH41M7wP5JkWAlPPZHDbBL8a%2Fzbt3PWMnzwcAiMgCvTf%2FXYos%2BmVNHXzUFu0tUinisE3StnaDtjjq4sP"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: ccb3873d2448937c0658958e1b22e612
cf-ray: 7e879e8bce8b1981-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 pp.js Show response
api.fouanalytics.com/s/ 15 KB
6 KB 42ms
40ms Script
text/javascript 2606:4700:e6::ac40:c726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/pp.js
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20d3e3cc1340e218d30035033398ccfe72086801df5dfc6fc53d36ec04965a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 18:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 638
etag: W/"648cac83-3bd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Okx11S9NJPeVQRwak0jDZJfAYpgaG4SX8Ra2C8kf%2FpKA8ZlYo0m4uLsLiRDo%2F1GFZJdl%2BPTW7T0DHFI7pZGJl%2F8edqcs8f5QqY3lxF3qA99y5pI%2FeKdAX2kODImJhBZoE%2Fbs9wxDAi8Pt97%2BGb5naxMd2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7e879e8cda2d9162-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c72f57881ea9665da29cc614802f61a04084e06b14de9f1d79ce26273e66a991

Request headers

Referer
Origin: https://wheregoes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

POST
H3 200 x
api.fouanalytics.com/api/ 0
456 B 205ms
205ms Ping
text/plain 2606:4700:e6::ac40:c726
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c726 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 18 Jul 2023 03:25:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GTx2bOaDnvtGpSmz6lYyAEW%2FbmFrqtRBXsXakBclx1Op4mYe8zHGL6RIj381pyUMG%2BdFD15ggSW18%2FaZ5UKxdXX8mvM2jAA%2FNYWkCqTHhj4Xyx%2FHC8m9FBzujSvjUPRJ8B1rRU4%2FYKnnWk74%2Fyu4bnplxg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7e879e8eed7c1a49-FRA
alt-svc: h3=":443"; ma=86400
priority: u=4,i

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 124ms
55ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62e8e460f4b8686af04784755083d37870c377de25e3fb7445167183987cfb95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27886
x-xss-protection: 0
server: cafe
etag: 466 / 19556 / 31076055 / config-hash: 2841643792367511638
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 18 Jul 2023 03:25:46 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/ 391 KB
125 KB 119ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 01:07:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8277
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127551
x-xss-protection: 0
server: cafe
etag: 10618836103773446959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 17 Jul 2024 01:07:50 GMT

GET
H2 200 CEAIT5QE.json Show response
srv.buysellads.com/ads/ 930 B
693 B 490ms
138ms Fetch
application/json 159.203.25.119
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CEAIT5QE.json?forcebanner=501977&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.25.119 Toronto, Canada, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-ca-to-1.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 92316450fa26a144d155f88fa0652b5c1da8fc17dcfddd2e1b8b8d62826ca3ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
content-encoding: gzip
server: //srv.buysellads.com
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 556

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 5 KB
3 KB 298ms
178ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=2&alt_size_ids=55&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20233268281%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20233268281%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=e74e15cf-37f2-407c-9628-714f4e1d3106&l_pb_bid_id=29fe45d257ea23&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&slots=1&rand=0.3649739815899138
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0342caf5f71e32170072af1c52e058903acbf1bb234e8d9289f792f2dc7859d6

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 411 B
923 B 277ms
157ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20233268281%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20233268281%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=085abc73-6056-4023-a0be-3d18d40eaa95&l_pb_bid_id=3a17246d0e081c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&slots=1&rand=0.6863213532363914
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 089225d23027cb2df449bbaf32a0941b1591f6a4c8f6e0fa1e835256b98f56f0

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 411
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 442 B
784 B 292ms
172ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20233268281%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20233268281%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=4500749c-42f5-46dd-811f-8477f41c51e6&l_pb_bid_id=43e49b801bf792&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&slots=1&rand=0.7832474980364164
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a89068fdd90948d24e0c047a2e75416ca717ca08b79a33caf43c3303b271d6b9

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 442
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
400 B 162ms
53ms XHR
application/json 216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.43.0
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 7be0fca4b46ccb8eb8498bc72662b1c66fd2e544aefd47de43a49907fe5c3160

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 18 Jul 2023 03:25:47 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://wheregoes.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 1 KB
2 KB 228ms
60ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20233268281%2F&PageUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20233268281%2F&PageReferrer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20233268281%2F

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

f13a6828e9fd2b875b175a9ed2799b7980742da04d026e9e3a9a3234b0e14199

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 10
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 1248
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 106ms
32ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://wheregoes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 167ms
55ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.43.0&cb=18377149930&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://wheregoes.com
date: Tue, 18 Jul 2023 03:25:46 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 19 B
579 B 138ms
45ms XHR
application/json 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
an-x-request-uuid: e9b12bb1-a13d-45e3-99ed-84911d2fa246
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wheregoes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 19
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 adreq Show response
ads.servenobid.com/ 2 KB
857 B 196ms
77ms XHR
application/json 34.254.128.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=5322
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.128.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-128-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 67da2113f958c94d2970d06bdfec32194fd6879fc938ffb4fc23f8ae306016e9

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 200ms
131ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a1558e7e37a4710341c8eff3ba393984aed67fc993f9f950a8233e69b80ea7d7

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://wheregoes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 18 Jul 2023 03:25:47 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 111ms
30ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 18 Jul 2023 03:25:47 GMT
x-content-type-options: nosniff
content-encoding: br
age: 14749
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230027-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 109ms
39ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: EQ0977RHP48FT9KC
age: 3141
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e879e933b909c00-FRA
x-amz-id-2: KMrFcklZyn75cMPfTnxiItG8HSYFuSkiOS+1xId12+2RrGWj1m1jpBxDB4L+Gq4dPou3GKA02q+Mf02nyR46EA==

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 169ms
84ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Jul 2023 03:25:47 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 105ms
32ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 02:34:21 GMT
content-encoding: gzip
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 3087
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: 2loZi5Oz9wyg8mtOG8uX4wkRfCKc96QEr7whw_wBkFxxXkWjIuFixg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 118ms
30ms Script
text/javascript 2600:9000:2250:1e00:a:e047:753:be1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:1e00:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Tue, 18 Jul 2023 02:48:38 GMT
Via: 1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 2230
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: gDhe6gLerKOw8_KORR0KK-lulY9Q-o7jKfyUpkC0cNJCUxVepV8deQ==

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 185ms
54ms XHR
application/json 99.81.215.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.215.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-215-196.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2dc9d95f42a92db449150b60f5914f20d7d69485c8350325153e50b5b0ec524e

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache
x-server: 10.45.5.220
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
322 B 110ms
31ms XHR
text/plain 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://wheregoes.com
date: Tue, 18 Jul 2023 03:25:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame A44E 15 KB
6 KB 138ms
47ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=wheregoes.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 03:25:47 GMT
server: Kestrel
server-processing-duration-in-ticks: 284877
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 119 KB
28 KB 87ms
87ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3788872779337663&correlator=230346230863761&eid=31076055&output=ldjh&gdfp_req=1&vrg=202307110101&ptt=17&impl=fifs&iu_parts=8691100%2CWheregoes_S2S_Leaderboard_ATF_ROS%2CWheregoes_S2S_Sidebar_ROS_Pos1%2CWheregoes_S2S_Sticky_Sidebar_ROS_Pos2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%7C120x600%7C160x600%7C300x600&ifi=1&adks=1696759606%2C2861055222%2C3809685794&sfv=1-0-40&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1641228026595-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D970x90%26hb_pb%3D0.01%26hb_creative%3D2149%253A10157993%26hb_adid%3D46c657ce54fc82d%26hb_bidder%3Drubicon%26_bd%3Dbid%26_pl%3D0.01%26hb_size_rubicon%3D970x90%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D46c657ce54fc82d%26hb_bidder_rubicon%3Drubicon%7Coptimize_ad_unit_id%3Dbsa-zone_1641228120494-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1641318529900-6_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dwheregoes%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1689650747621&lmt=1689650747&dlt=1689650745960&idt=1303&adxs=436%2C1091%2C1091&adys=440%2C666%2C950&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20233268281%2F&frm=20&vis=1&psz=960x267%7C300x952%7C300x952&msz=960x90%7C300x250%7C300x600&fws=516%2C0%2C512&ohw=960%2C0%2C0&ga_vid=286225353.1689650748&ga_sid=1689650748&ga_hid=2090706524&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f17e1efa078054a519093a5c87dbb77da3336318bed0abfa3ea9cd2ab785a5e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28235
x-xss-protection: 0
google-lineitem-id: 5936457971,5324395187,5320060794
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138382844369,138305874807,138305489837
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A06F 6 KB
3 KB 180ms
38ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 03:25:47 GMT
expires: Wed, 17 Jul 2024 03:25:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame A44E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=wheregoes.com&sn=ChromeSyncframe&so=0&topUrl=wheregoes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=ur7-ZXw1MHh3QXR6bTh3K1hCNXZwRmpsUjd3SVBQWWR2UklDd0hXc29pdEpRV3VRemQvekJpYUV5czJIKytMSWJVNXZ1c2Fpb2ptSDNCVkRMMHRiSWJXdk9QdkJseGZuWTRvUWNKVzhaRlVDcW4zSjJzZ2tvRVdDckZYeT...

427 B
650 B

152ms
36ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=ur7-ZXw1MHh3QXR6bTh3K1hCNXZwRmpsUjd3SVBQWWR2UklDd0hXc29pdEpRV3VRemQvekJpYUV5czJIKytMSWJVNXZ1c2Fpb2ptSDNCVkRMMHRiSWJXdk9QdkJseGZuWTRvUWNKVzhaRlVDcW4zSjJzZ2tvRVdDckZYeTdXcmVWbHFmU25EZXlOYi9xeTd6YkNjVE9MY0hRUGFMNUV5dE1BOXZTelRGVWFIcFJhTmd4OVp4cURxdHRwS2t3QU95OGNZR3V6eUZrNUZHTnJTaFJkeG5NTjlFK0dyWXpRREVGQlB5WHdlMFh2YklFdEdTRDBFMHBsM2V5U2dQOEtlNUlOcVNTMWlZVXltenZnak9pZWc2bmVocXVDOTJ5cDVXZUpqTHFpQVE4bFdONmJRST18&cppv=2

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

047e6dea98c188de6374fc6a644a4e266fcba0924e99d6b31561e3b06fc6c57d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1006882
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=ur7-ZXw1MHh3QXR6bTh3K1hCNXZwRmpsUjd3SVBQWWR2UklDd0hXc29pdEpRV3VRemQvekJpYUV5czJIKytMSWJVNXZ1c2Fpb2ptSDNCVkRMMHRiSWJXdk9QdkJseGZuWTRvUWNKVzhaRlVDcW4zSjJzZ2tvRVdDckZYeTdXcmVWbHFmU25EZXlOYi9xeTd6YkNjVE9MY0hRUGFMNUV5dE1BOXZTelRGVWFIcFJhTmd4OVp4cURxdHRwS2t3QU95OGNZR3V6eUZrNUZHTnJTaFJkeG5NTjlFK0dyWXpRREVGQlB5WHdlMFh2YklFdEdTRDBFMHBsM2V5U2dQOEtlNUlOcVNTMWlZVXltenZnak9pZWc2bmVocXVDOTJ5cDVXZUpqTHFpQVE4bFdONmJRST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 260588
content-length: 0
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2421 0
0 69ms
68ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUoVmnFFHje8aGcdajGRVoeUqcUrsVKuMLJxfvjh4b4UiJK-A534qc1voJwFNSKpybYgzJlCRYeRQ_xH7dMnrupW3icbwkJF0ORABHr3g3hdz1uY3z5Wh9hCUanIlfvpEx4IMMEkdQawDrRnlUiCXe1oS03EkbCt1cUQZuxW1Mf6Uh7JZ1XOqo3Q_Z-XIFuU2-G6V73rl_IFc9sL_daqqq4cHy6JaYtkHhK57gT7j-IJrcOlShNndUnWBQ313si8uBidbqA1PJQWKE8vp9xuEbsxfhM-p2zNsrpHpQoeVJbOrgnzDd7aaafF7rlGr5LeFKSZoFOyQggJXK994P7xvRXqlUzmU41uxe&sai=AMfl-YTNK-jQ15N3Uz5DWgD9TSYafSoMGVXJMS7hkVPNyzMeiGsPK5YNxIgujgK2SxCAxrdILKj9wFzsvcWCoA6QqWzxX5mr1ahOt89KIDGjpGp_aCoAVv5nPMlIBTZ8QFm5uNJzyplRh93tFQz2xBc&sig=Cg0ArKJSzIfvSrrb5mo3EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Jul 2023 03:25:47 GMT

GET
H2 200 prebid-universal-creative.js Show response
cdn4.buysellads.net/pub/ Frame 2421 26 KB
9 KB 32ms
32ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 3077c047c7210f4e52a637ba10a8d5346ed72d4e29956c96aaa8f8aac58d440c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
content-encoding: gzip
last-modified: Mon, 17 Jul 2023 18:54:52 GMT
server: AmazonS3
x-amz-request-id: YDG8AXG540TWP33J
etag: "6247b34aaaa023705aa5146179ffd119"
x-amz-server-side-encryption: AES256
x-hw: 1689650747.cds271.fr8.hn,1689650747.cds248.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 8892
x-amz-id-2: hUNNQJ8NR6Tv5APXiP/AzB3Xpj6whOUudujd1FT2IhvwuZAtvAqsZIPfqjPaAMjMwLVyfRe3i8c=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2421 179 KB
56 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 03:25:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2A72 0
0 68ms
68ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveYqvgCahGBrxjvvy3VqhLELYWzrwfuxGND23sTCLwGNLcPke1BHKVws_z_xI5OImo8jfL2hMa7eJxcv5vbf-hOuqknQWbCqmA2CbRGj7a5o5UOfArAweZ_TJzbJERsexFLMVcFkd5QfMFGx5pTxG8ZtODd9UbeOZFYJL5RGrRRnq7hucIQ6nBoVS_nc8SwbtGZAflLgikzpDNeCT8Kv8DqBDReQM_Ir9lK3MBRk-23Hb2nnhUXrSJPv38K0O9gGkurEwrRZTyguiA66seg19c-vHzhVHud5GyQl6WCl92e0m0mq99_57RY9mFfDoCIz5EwT9y6XYKDjBgBbeqnOwYHkDyWw&sai=AMfl-YQ94qQLbmgCg30oBGkw_sYqo5pU2fwoVsbF0vI3bV2k1trpDGXMlGSMVmTDRMaCKMVv--2-KwkpA49pmO59hF3jKjK06ZWQ7KyC8xIavfar9tAdBEjmM0P2rZk4Lfiiru5UUy3qNhRlzkkyZWQ&sig=Cg0ArKJSzCBqF9cVYp8aEAE&uach_m=[UACH]&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Jul 2023 03:25:47 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230713/r20110914/ Frame 2A72 23 KB
9 KB 111ms
31ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230713/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 17378926570389699705
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 13:48:30 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230713/r20110914/client/ Frame 2A72 3 KB
1 KB 116ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230713/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 13:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49037
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 31 Jul 2023 13:48:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2A72 179 KB
56 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 03:25:47 GMT

GET
H2 200 9435140927320421974
tpc.googlesyndication.com/simgad/ Frame 2A72 92 KB
92 KB 116ms
37ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9435140927320421974

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de8279221cec92147e41e962754da2e9667fe862dc94f192566fa7bec3d11f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 10:50:54 GMT
x-content-type-options: nosniff
age: 405293
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93765
x-xss-protection: 0
last-modified: Tue, 10 Mar 2020 20:30:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 12 Jul 2024 10:50:54 GMT

GET
H2 200 container.html Show response
30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F4D4 6 KB
3 KB 31ms
31ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 03:25:47 GMT
expires: Wed, 17 Jul 2024 03:25:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2A72 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fff9e51a0d7bba716ccbac58c4a94ebb29698761273a904175ee175c20ab590

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A547 152 KB
50 KB 197ms
105ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6ab17a93c0f57131626cb4f50e09d463b031b2b21bf72850d6e56578651af1b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 03:25:47 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=pwlUpc6EhY3LecAmD40xeHC8oU2RrTQ7Ol0QDG70OOJV9cdroM3D6K7s4lJLvxHTR7L8s4VrvRV5jP-SGtZVcz3W_E4QDvii6AD9gt7ewvLybCVxMuIMqGBZJuGSUlRl-8pdq2n6S-kwvjdFFlo2JnNsgVgXxNcKIuS4NHFhRTrjCBEZ472SkWUZAfb4sbm5bM8FP2Q76MB_yAH3_-eGf83hfhBWIVeC2VDdIQOJ65qQ5lM23YCLBlkO0ueGGF92s5F5Ww"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 55663555
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0B7F 281 B
554 B 110ms
29ms Document
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 18 Jul 2023 03:25:47 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 5452d898-963a-4324-b548-db3ddeffda78
beacon-fra2.rubiconproject.com/beacon/d/ Frame 2421 43 B
227 B 160ms
32ms Image
image/avif 2602:803:c004:200::154
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-fra2.rubiconproject.com/beacon/d/5452d898-963a-4324-b548-db3ddeffda78?oo=0&accountId=18812&siteId=405332&zoneId=2271886&sizeId=55&e=6A1E40E384DA563B2FF60800085F13D00AC375D2BD8B42CE250170AA550E0CC3BA92DC17672C0CC87CB5510D70D0D753172DB22D3B21A9B56D1C10E1B9EF15FB3E377C76CBE521F1E12BB6BA04C926BC2098B66F83D040275A6CA7858E86B3078A6A3F58E61C190E415273E4174C1266AD65D9516656477B274949248001B077D2414F0D5F9E1FF109453344FA2114EFADE6960C86C9A988F728AE909A3D7CCD79410C2D0AEF4449495544F533720630EA13C629DB2FF8FFD5F6A4CD6BDA024AD07B86035E36555CF8A068E8E77EACD2A631F6954583E065B60E492C7FC22B41DC89F775F9C7B628237FFA06C36D5463764B7FCF82D60233D11832EA14348FFCD3576F8E40046381018D66B9CE5529CB37AC62229946C7F73CA08A3502FED494AECF5FFC2C554653FFFC29819D0560F47F3F2338962C299BCCB9CC50FEBE7B252C9CB84E83BDD9062658493421969C5BDB5275DD70F708C9D60820E68C40F8BD329A3593744DFBF0D7FCB4A519DC3DE64C74F04B1075DA60B5A0A662E5B9CEF874781EBDC6D511A82FBBD298A2BE247383057606AD60E0677ABAB83D0974B30980E745AE4CBFCC1EEA3BFD372458A5D21CB4FB2E0659A4EF2E0DF98B4238975CE26DAE8F732BCADE2750ACB1AC127556ABAC003C3B685BFE73FF961AB1EEADD5B9A9AA403BFF3F283B98BC96021BC935EC47D9ABB8C179B5FAC99E59AD82C0FF0F7F6FF7052CC6954B6F880C1CA9A6D71B5CD79E360B611AEB5FD995501B1E0F7295306C46772CF145292C538ABAB7FC957F12174ADB78A696E82BA512081E19944DEADDDC734C046773D7AAE949F0CFB609B05DBD3D8B63D652C47B539A46FBA642899BA9B22525E77B9BED0CD7867CAAB6163C83FE3D0C7877AACDED0556D2E299BD549BEF2FD896087FE1637B2448234802615EA8BE993C87F0C7123E688A502D49D389D4954D400ED20A0B3CA0CEA940F843359D842C4EAB7F19828F13BA3D1EC7E1999D466D76F522BC9BC75A20468DF513E7E6A13236C54C173387A4FA1921A66CBE783968C2FF0642BD982FABA0EE128F4B8E369D74B4F3D2F3CDA373909C04C146AA75DBBAA0ACD4D6CC98DDDFD4F647FFC5216D0011858E8B302F3D5B02678CC2E94850E03CBF4DFFDF633A04C245FBCFFE7209A5F740461AC77376A0ECE2D6DB2B935FA55A5555E94031FF91E01F801C314C780006F2F75CDE9F0B

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c004:200::154 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F4D4 24 KB
7 KB 63ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com
URL: https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 17 Jul 2023 18:12:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 16 Jul 2024 18:12:42 GMT

GET
H2

200

bounce Show response
secure.adnxs.com/ Frame F4D4
Redirect Chain

https://secure.adnxs.com/ttj?id=18678115&size=300x250&cb=1590098768&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstg3UuW0H0E9JKB7Ew8g4FHmHE-ycPkqDrWlaPFRVpfSizdq-wPumBlK2o8...
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D300x250%26cb%3D1590098768%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjstg3UuW0H0E9JKB7Ew8...

8 KB
4 KB

44ms
43ms

Script
application/javascript

37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D300x250%26cb%3D1590098768%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjstg3UuW0H0E9JKB7Ew8g4FHmHE-ycPkqDrWlaPFRVpfSizdq-wPumBlK2o8L6ZerwHRjiPS7NYstKDHZ_492Q1JbWUEVfNxJCZnBAzmMOe0153I7P91XZs5oUtorJiZ3sFYIhMBMxAi4HzJa2OjkQcYVevov0p98enZtAp45XLpzrQN8FalS4D8lx2lX8PcQgI6L3vGOsj4byHRHVvN6x1k7tRdPX5AK3eftO8GUt_I3Cyxf4G4U_k99QAnNnHEJ1KFE4n3HoV7ZgpHz7xmfAMWRu0K1De40QOn0VAtDfvokgwi6S561bgdFJ8q_E4qN6uh__tl9IFZFtc6UEyi9Xu4sE97TfLIiQw%252526sai%25253DAMfl-YTBLnhA1r7kksuARX3nbGbj7n_UyDrlN6_xFmO7pppKBvpeaEB-FDAhVLx0RNEPW-SjBGSJ1-bJIjLsE6VZxK4lrPH3Oz07OuF__yTE4qABdgu7wvwaEE-I7CYOFMdQMGv2mzWpHEXKiDfSBZE%252526sig%25253DCg0ArKJSzLJdONAqXETIEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D

Requested by

Host: 30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com
URL: https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3a9e65159b05329ff5e3a7a98c2a049474d55f332e11a5d86069f7eadaa900b4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
content-encoding: gzip
an-x-request-uuid: 5692a0bc-287a-4e1f-a5a9-95e4c2ca781c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
an-x-request-uuid: c966a153-2de2-43a6-bc44-f6cc245bb6d9
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D300x250%26cb%3D1590098768%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjstg3UuW0H0E9JKB7Ew8g4FHmHE-ycPkqDrWlaPFRVpfSizdq-wPumBlK2o8L6ZerwHRjiPS7NYstKDHZ_492Q1JbWUEVfNxJCZnBAzmMOe0153I7P91XZs5oUtorJiZ3sFYIhMBMxAi4HzJa2OjkQcYVevov0p98enZtAp45XLpzrQN8FalS4D8lx2lX8PcQgI6L3vGOsj4byHRHVvN6x1k7tRdPX5AK3eftO8GUt_I3Cyxf4G4U_k99QAnNnHEJ1KFE4n3HoV7ZgpHz7xmfAMWRu0K1De40QOn0VAtDfvokgwi6S561bgdFJ8q_E4qN6uh__tl9IFZFtc6UEyi9Xu4sE97TfLIiQw%252526sai%25253DAMfl-YTBLnhA1r7kksuARX3nbGbj7n_UyDrlN6_xFmO7pppKBvpeaEB-FDAhVLx0RNEPW-SjBGSJ1-bJIjLsE6VZxK4lrPH3Oz07OuF__yTE4qABdgu7wvwaEE-I7CYOFMdQMGv2mzWpHEXKiDfSBZE%252526sig%25253DCg0ArKJSzLJdONAqXETIEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D
x-proxy-origin: 84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4D4 179 KB
56 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com
URL: https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57311
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689594152080714"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 03:25:47 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2421 0
0 131ms
68ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRgDpapBjLAOVnrr_Fa8th5z1NnVexOVOq1yKO6ZOuTZFI6BvJu-15aH7oezQxDT0pqZG_zQfu09GklypKs7SBQoGHt5vLfcK-OGFWqaxcF3jDIGIYRsARlIrmFFJSw5xkvuGSmjrFgnsemUL9EqQ8N2X9zkMs2Z9HOdb_HfonK37BQOQ86NXCMFlntbG3J87kPUKJtzHp5S2wOjWoWVJ665xkUuqi3YgxmFgGkWeFwGHL0CvH56GDouMMbnLTlHgUfS0I7Q8g7WuxPuV7wn-xGuMxgGiO-86AdFoRW8ojtWAKldAROtTaVv-EO11fFTHI-4kTP9sbFPMYmO1KUcX5aE8V7xHzCbOxqBM&sai=AMfl-YSCMTHdJ80SPktXnMhTU8cDLf_qurng9ld_k0HEhAWUU2zVRm_ZN1xTmt-KDW9j_mkAku6wb1myXnzngYah1mFXRjlPbtLdY6XO7xesVQW4Sq8BbBnztMF8WcNp-7cfNGqwrwMNH9PUvuOQLS4&sig=Cg0ArKJSzFRGa-1nL2MiEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Jul 2023 03:25:47 GMT

GET
DATA 200
OK truncated
/ Frame 2421 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b3374d112be213b5b17e955b7425a1ac0f96b7b7f032d2c159cf795fcc84a54

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4D4 0
0 68ms
68ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOA-KEvTez88WU90oXmTHvOWS3Qypy7Nj_frcsfZgc-C35RqMaw5Y83g5G4y5iElc5_5tufre30zx5HI2J4u33jeGKUT0RgL3qbghCIRJG_SZ26qjkLoLq7Q5cc23AgWcS4DajBpvyAkDQIXOk6ShBmLAjGivSIXLR4MfGCAFgYgsKEKrjbMagM3RTDS5TST0ZZl6N9XLA0CxIhrru7bfU8ZbshPEpX-BBB6J5iXJjWI2i_QmxwkR50dJTjVlkr3zvudmM_xpb1UfSKqF0yVk3wRrRA8YYXUkMRVNKfNhhp9-VO1KYZZJ5-DaBcHpGHQwPG3pB_i1W-kTy_cMQ8oJjXvh6FVsiBApPrus&sai=AMfl-YQMBmGmEMyWeuChuecbOgrbo48M-Wrv1TLkvB84ugs-xKJlb-3FuRS_lh2odnz188qRoZlTvsES_juT2vuc7oiZdCK_SxyielLByrbCRSNmPUuzhN87TghPsOiuWIjo-PyOUmaV3XpXZc6uYKs&sig=Cg0ArKJSzC5x7AAv9Y-cEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com
URL: https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0B7F 34 KB
10 KB 30ms
30ms Script
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d16b7e791947e153bd624220a710934e78b687ddb2ff2315adf78da32a953431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 03:25:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 01:54:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=80902
Connection: keep-alive
Content-Length: 10114
Expires: Wed, 19 Jul 2023 01:54:09 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame F4D4 51 B
292 B 44ms
44ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a

Requested by

Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=300x250&cb=1590098768&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjstg3UuW0H0E9JKB7Ew8g4FHmHE-ycPkqDrWlaPFRVpfSizdq-wPumBlK2o8L6ZerwHRjiPS7NYstKDHZ_492Q1JbWUEVfNxJCZnBAzmMOe0153I7P91XZs5oUtorJiZ3sFYIhMBMxAi4HzJa2OjkQcYVevov0p98enZtAp45XLpzrQN8FalS4D8lx2lX8PcQgI6L3vGOsj4byHRHVvN6x1k7tRdPX5AK3eftO8GUt_I3Cyxf4G4U_k99QAnNnHEJ1KFE4n3HoV7ZgpHz7xmfAMWRu0K1De40QOn0VAtDfvokgwi6S561bgdFJ8q_E4qN6uh__tl9IFZFtc6UEyi9Xu4sE97TfLIiQw%2526sai%253DAMfl-YTBLnhA1r7kksuARX3nbGbj7n_UyDrlN6_xFmO7pppKBvpeaEB-FDAhVLx0RNEPW-SjBGSJ1-bJIjLsE6VZxK4lrPH3Oz07OuF__yTE4qABdgu7wvwaEE-I7CYOFMdQMGv2mzWpHEXKiDfSBZE%2526sig%253DCg0ArKJSzLJdONAqXETIEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 727916
expires: 60

GET
H2 200 ttj Show response
secure.adnxs.com/ Frame F4D4 0
646 B 45ms
45ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ttj?ttjb=1&bdc=1689650747&bdh=VwDH0nRXvViy8tZp-j_ixwS0aHw.&&bdref=https%3A%2F%2Fwheregoes.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwheregoes.com%2F,https%3A%2F%2F30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&&id=18678115&size=300x250&cb=1590098768&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjstg3UuW0H0E9JKB7Ew8g4FHmHE-ycPkqDrWlaPFRVpfSizdq-wPumBlK2o8L6ZerwHRjiPS7NYstKDHZ_492Q1JbWUEVfNxJCZnBAzmMOe0153I7P91XZs5oUtorJiZ3sFYIhMBMxAi4HzJa2OjkQcYVevov0p98enZtAp45XLpzrQN8FalS4D8lx2lX8PcQgI6L3vGOsj4byHRHVvN6x1k7tRdPX5AK3eftO8GUt_I3Cyxf4G4U_k99QAnNnHEJ1KFE4n3HoV7ZgpHz7xmfAMWRu0K1De40QOn0VAtDfvokgwi6S561bgdFJ8q_E4qN6uh__tl9IFZFtc6UEyi9Xu4sE97TfLIiQw%2526sai%253DAMfl-YTBLnhA1r7kksuARX3nbGbj7n_UyDrlN6_xFmO7pppKBvpeaEB-FDAhVLx0RNEPW-SjBGSJ1-bJIjLsE6VZxK4lrPH3Oz07OuF__yTE4qABdgu7wvwaEE-I7CYOFMdQMGv2mzWpHEXKiDfSBZE%2526sig%253DCg0ArKJSzLJdONAqXETIEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
an-x-request-uuid: 3908d053-68de-4544-8e92-b2e7fa06790c
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2A72 0
0 68ms
68ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvJYb2-yuhbluGWgE1MTypUaBVjdqIJoZyZ0jOB3KSwxyrai_rep77UFjpJ4X_BG_52YosJ_km4kWZV379HwPPqR0M2V2vujGrqm2Iir6lO5es0KvZ4niyP0CZih68JgrqBh74n_HJ008S99Dji4snQF-C3uisrVNHwshXMeHhPsW9kG_rF-pxDOmYmsrVAI6rXWj0dZzWNwrSdBg36Ehcpnk652cfTd1fmwc7HHotK8Fbpmo5UUVJPL2QzEq7mp8RRVG78MstcVpd5u9azMhYGhbCwiA5jja0K2cd-HXrf3RArSdrw1ChmcEwiayhffNXyaKHKEq1QKU1N_yFD_pqnyTok0nsM&sai=AMfl-YTRtv-oi3QRs8BOqCnQDgElPMg4mkSNkCtiLkKPfd6_ldJnlJ6V7JXB0wQtNe384KxE9IpRDkuvkegcf2IQm-Z2FxP1zoeB798wpVzXJgejvJabee_4Yb1jvHuY73UNZq3haQU67MKEkyCxKpE&sig=Cg0ArKJSzI02H05fE_2mEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Jul 2023 03:25:48 GMT

GET
DATA 200
OK truncated
/ Frame F4D4 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7c18e6a8c0fae807d3b2657c88722d268414bd862dfdb8af26c24a553b2d3ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F4D4 0
0 68ms
68ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstH67DuOrdir9mMbjvYBDkTb-jdRZ3A8FUxhYLbwC9Rnlyno12gpwBFnZS-R6a9L9tZK-5k1zf7ycODjryYWGxnSTeH-qRjfOxFFSGbyJfU-y8MkoM9ZB3hijd47WO09lhL6djzQ3OMCxV5nC2vw60-URcCWPxONLOoi2G9znwafj01CwL3hZThsbflW01lRyisKXq79P48S__YXs1dAZn8KO-q-LNwQtGfUp3tlKb_M2WE1cnexK35IcwcY7pi0vq9b_PxcOyZdr578VfIn_XbxvZsVEkkpjNj_dSBzp3vOzp0JSgL5bVElVm42Lx20-q0DbMHiX0MB6YwDvpJzL_g9M7CpTh03XangCJiLw&sai=AMfl-YRt6ngV6iwUz4aSBLBjSXT2gXuUmAHDI1XxPSct_c0H-lDLxyKDIlorz2HAuDQcbiMCiWwco__qehXUn4nSI0h9_SKpTfUSeDTNh_8TJwpY4MfzFM_MY-GQRS41ukGeKfBUIfl4Lj2Q-nUrmno&sig=Cg0ArKJSzAmtcIPnt0bUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 18 Jul 2023 03:25:48 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A547 2 KB
1 KB 45ms
44ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Jul 2024 03:25:48 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A547 2 KB
1 KB 46ms
46ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Jul 2024 03:25:48 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A547 308 B
636 B 47ms
47ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 12 Jul 2024 03:25:48 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A547 293 B
621 B 42ms
42ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 12 Jul 2024 03:25:48 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame A547 43 B
348 B 135ms
41ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=EBX-4MGDl8cWpr1xN1ZW5Q6MLAofXjvOO6evnfTkMOi9hnJCKPa2LnlK_dGMkiRrLxVZkaaZ76PekreKNJqIhcMPHl779-Qs8uYnFSOuE7ftd0z5bRXFaPbrul5QvyFsqo8sQWvR0MpOQK7BZt125gklAGlorDMpMrsY9AhJG8cd7NhFkvHn3uq_2yScI8KJXjKSnelXlnB2cQgjgZr8vpDHJNp8lX3qQCBw6i2kiasSniDYYkk1kzdbWrXTq-PaomSoyNW9jCVEtYux1lyUb8oV63JChHarsltNeD_AxVwRMLhSnccML9ZekXS9Cn1aK2Dp23gkUFQdO8E1lw7iOp1_4-ybdUg8ZyWN6AOsLFFRWh50j9yXJdRvFsoPjoasorjTJaDTBRmrZBg006npMWZJGDfEaaGPf_YqjfRkesNUN82I

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3038918
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dis.aspx Show response
widget.nl3.eu.criteo.com/dis/ Frame 860D 6 KB
3 KB 140ms
39ms Document
text/html 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=7944&cb=64b6063a3dff5bb14757581ff050afa3&r=https%3a%2f%2fwheregoes.com%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f73f21b045d1f7f1e1599bead29048eea0b90ce140f35761630840340707f45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Tue, 18 Jul 2023 03:25:47 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1938750
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A547 12 KB
5 KB 105ms
37ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 902826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cdfBOXhiqVPzvXBKWkO2%2F1gVL%2BqPMYdZk%2FsMGBa8eByh3%2FXvxiXTmngzCOKShHO%2FnYYcCZfapzVOcjUI3Tf2GEAIEIkxMUkQ%2FDmLAafQyNCMXR5ioy9TFkHLpVizwoN4WMS3J3Npt0hpuSwPInYlMifC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e879e980e7cbbbb-FRA
expires: Sun, 07 Jul 2024 03:25:48 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0B7F
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QqvlZ-w2TLy312zfjwDy7w&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QqvlZ-w2TLy312zfjwDy7w

43 B
479 B

122ms
122ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QqvlZ-w2TLy312zfjwDy7w

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jul 2023 03:25:48 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 59N1RG3YC5FG69AMM3B4
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=QqvlZ-w2TLy312zfjwDy7w
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 0B7F
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK7QFGO4-19-21Z2

0
649 B

305ms
203ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK7QFGO4-19-21Z2
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 9F421418F334425890B0936F733F2535 Ref B: FRAEDGE1814 Ref C: 2023-07-18T03:25:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYAunin0vKK9tBb3rN6ZA==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LK7QFGO4-19-21Z2
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0B7F
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEs3UUZHTzQtMTktMjFaMg==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHA4AZp7jAhZ8qZAxlQ5pvw&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs3UUZHTzQtMTktMjFaMg==&google_push=

170 B
188 B

42ms
42ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs3UUZHTzQtMTktMjFaMg==&google_push=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEs3UUZHTzQtMTktMjFaMg==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 0B7F
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTc3MmQyNjVjN2Q1NGUyOGMxMmRiYmVkZGFiY2EyMThkZDk2Mjc5Zg

170 B
243 B

51ms
40ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTc3MmQyNjVjN2Q1NGUyOGMxMmRiYmVkZGFiY2EyMThkZDk2Mjc5Zg

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTc3MmQyNjVjN2Q1NGUyOGMxMmRiYmVkZGFiY2EyMThkZDk2Mjc5Zg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0B7F
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=8VketnEdQn6SjexpF_I35A&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8VketnEdQn6SjexpF_I35A

43 B
720 B

129ms
129ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8VketnEdQn6SjexpF_I35A

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jul 2023 03:25:48 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: FVG6C8WKY540QGWG4XKF
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=8VketnEdQn6SjexpF_I35A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 0B7F 70 B
265 B 178ms
57ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 18 Jul 2023 03:25:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0B7F
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/J1M0nSX2l3T6w_o9Qn8oDcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-9U25.QJE2oLH3gnwx6aIaxMMbEuZTGHcQ_xCLw--~A

0
239 B

30ms
29ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-9U25.QJE2oLH3gnwx6aIaxMMbEuZTGHcQ_xCLw--~A
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 18 Jul 2023 03:25:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-9U25.QJE2oLH3gnwx6aIaxMMbEuZTGHcQ_xCLw--~A
content-length: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0B7F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB74sAlXCm10y48HvDZ3W-s&google_cver=1

0
239 B

137ms
31ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB74sAlXCm10y48HvDZ3W-s&google_cver=1
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20233268281/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB74sAlXCm10y48HvDZ3W-s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A547 12 KB
6 KB 48ms
48ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Jul 2024 03:25:48 GMT

GET
H2 200 a5bbcaa1e3104160888b2a5846bd18e8_cpn_970x90_1.jpeg
static.criteo.net/design/dt/19906/4597198/ Frame A547 60 KB
60 KB 56ms
55ms Image
image/jpeg 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/19906/4597198/a5bbcaa1e3104160888b2a5846bd18e8_cpn_970x90_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e27d34e90a322fc13a0bb7c698698396048dce37d2481edc363af98257a3ecf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:46:17 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "64ad5d29-efcc"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 61388
expires: Fri, 12 Jul 2024 03:25:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A547 11 KB
11 KB 142ms
52ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=176&m=0&partner=19906&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F19906%2F190812%2F319a2d5469c04e068839667ed003cd32_logo4.png&v=3&w=256&s=MtvzsfEigKKy_3FBp1CFhNoj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2f3a52beaf07f194213758f08179fa1c327d62028bc71337019fd939fc153b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 11102
expires: Mon, 17 Jun 2024 07:25:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A547 11 KB
11 KB 188ms
99ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F49810001_4-202302231235.jpg&v=3&w=400&s=ZVOHaTPYtmUsIVRoJAmySQgX&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bdfaef8c844bc0a0f53e2cf893d28a1fdcd920bcea0a118a04df0bf4797b788c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 10904
expires: Sat, 15 Jun 2024 05:59:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A547 3 KB
3 KB 172ms
82ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F25405589_3-202306061241.jpg&v=3&w=400&s=pgP5vmgQFnadr-TgJITgY_z7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7bf0ddbb68801eeb839dfcb737224fd0d397d4c4e29c361c496530c5b8a8ba2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 3200
expires: Fri, 31 May 2024 16:28:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A547 4 KB
5 KB 194ms
105ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2F19906%2Fbadgeupdate.png&v=3&w=400&s=sFPYPwb7keL_Ew6_IWjCVNv_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

09f4fc66b54af0a3ab7d4a5172c7930fdd2f0df1c5ba5eb32e343e9a62feb3c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 4450
expires: Tue, 18 Jun 2024 09:15:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A547 4 KB
4 KB 176ms
87ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12531234_2-202007080903.jpg&v=3&w=400&s=Xjibt7whItl5SEsGvdtOla-9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

17b79cd9eb83b12737f2faf1cefabba67c4fa3997e88cfb940b39c20bbd8d67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 4278
expires: Sun, 16 Jun 2024 07:31:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A547 6 KB
7 KB 200ms
110ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12123036_2-202111021308.jpg&v=3&w=400&s=Flng4mcWBm6_CVAKPK-K0dBQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aab3567f59048814414d58990510744ce0f0a2ac3489bd1e76754b71b56e6d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 6486
expires: Mon, 17 Jun 2024 11:35:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A547 5 KB
5 KB 109ms
108ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F13345487_3-201912302232.jpg&v=3&w=400&s=6jbeitHrIvY4IW36zyV8-yPw&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

69d04c36bf70f92000666b9ab7e6048411313950fa3555b0299545521fdc4e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 4994
expires: Mon, 17 Jun 2024 10:56:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A547 18 KB
18 KB 126ms
126ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F11523908_1-202002140031.jpg&v=3&w=400&s=UvTejY39ENFfRZRdqTIrucyh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f2ece5fb0ba96dcaf1db5c9b28c9e4e5a4dee837c3b1302dc7c10b0f4f35c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 18196
expires: Sun, 09 Jun 2024 07:19:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A547 3 KB
3 KB 129ms
129ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F804940_13-202103091243.jpg&v=3&w=400&s=I3d54X-c6NKFfkuuqhg-ZBh_&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7c885e9db4f124573f8f5d7cf7084dca3610712344530f03ba0ba26c9771ea70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 2578
expires: Mon, 17 Jun 2024 15:33:28 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A547 0
128 B 144ms
43ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=pwlUpc6EhY3LecAmD40xeHC8oU2RrTQ7Ol0QDG70OOJV9cdroM3D6K7s4lJLvxHTR7L8s4VrvRV5jP-SGtZVcz3W_E4QDvii6AD9gt7ewvLybCVxMuIMqGBZJuGSUlRl-8pdq2n6S-kwvjdFFlo2JnNsgVgXxNcKIuS4NHFhRTrjCBEZ472SkWUZAfb4sbm5bM8FP2Q76MB_yAH3_-eGf83hfhBWIVeC2VDdIQOJ65qQ5lM23YCLBlkO0ueGGF92s5F5Ww&sds=2&rev=87483&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 18 Jul 2023 03:25:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A547 2 KB
1 KB 95ms
95ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Jul 2024 03:25:48 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A547 2 KB
1 KB 97ms
97ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Jul 2024 03:25:48 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame C08B 43 B
146 B 275ms
31ms Image
image/gif 3.64.241.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-F-xpTYUPKEXj2VxP1UaMnq8IcHDvAsgsACJaZA&expires=30
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.241.131 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-241-131.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame C08B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-7RQubIUPKEXj2VxP1UaMnq8IcHBt0kH40dS2Kg&google_cm&google_hm=ay03UlF1YklVUEtFWGoyVnhQMVVhTW5xOEljSEJ0MGtIN...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7RQubIUPKEXj2VxP1UaMnq8IcHBt0kH40dS2Kg&google_gid=CAESEDdO9dWIoZmtw67zyItvNko&google_cver=1&google_ula=913071,0

43 B
370 B

154ms
46ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7RQubIUPKEXj2VxP1UaMnq8IcHBt0kH40dS2Kg&google_gid=CAESEDdO9dWIoZmtw67zyItvNko&google_cver=1&google_ula=913071,0

Requested by

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 567734
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-7RQubIUPKEXj2VxP1UaMnq8IcHBt0kH40dS2Kg&google_gid=CAESEDdO9dWIoZmtw67zyItvNko&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame C08B
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3380780347506052618

43 B
370 B

164ms
48ms

Image
image/gif

178.250.7.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3380780347506052618

Requested by

Protocol

Server

178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:48 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1028969
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:48 GMT
an-x-request-uuid: 4ea6b252-eede-4e6e-8664-b9dbb65b685e
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3380780347506052618
x-proxy-origin: 84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
secure.adnxs.com/ Frame C08B 43 B
854 B 48ms
44ms Image
image/gif 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-SmtFAIUPKEXj2VxP1UaMnq8IcHDDAjMMI5XTxw

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:48 GMT
an-x-request-uuid: 7a5b4c94-236c-410c-95fe-a46f82122904
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame C08B 61 B
794 B 223ms
77ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-THCc-IUPKEXj2VxP1UaMnq8IcHCpYlOY1yh4ow

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 18 Jul 2023 03:25:48 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Tue, 18 Jul 2023 03:25:48 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame C08B 0
239 B 131ms
32ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-04Po_oUPKEXj2VxP1UaMnq8IcHDgS7GLU5arMg&expires=30
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame C08B 0
364 B 120ms
30ms Image
text/plain 3.66.4.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-ggh45YUPKEXj2VxP1UaMnq8IcHD8vQGXtTvB2g
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.4.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-4-34.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame C08B 43 B
163 B 209ms
61ms Image
image/gif 185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-YwBAeoUPKEXj2VxP1UaMnq8IcHC0gg1WGvohtw
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame C08B 0
99 B 225ms
41ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-TmVJQIUPKEXj2VxP1UaMnq8IcHCJVKgbTZ0AQg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 36373

GET
H2 200 um
criteo-sync.teads.tv/ Frame C08B 23 B
163 B 207ms
62ms Image
image/gif 23.205.93.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-UIY08YUPKEXj2VxP1UaMnq8IcHAG-eWwnx2wgg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.93.33 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-93-33.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Tue, 18 Jul 2023 03:25:48 GMT
pragma: no-cache
date: Tue, 18 Jul 2023 03:25:48 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame C08B 37 B
140 B 114ms
33ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-_pBLEIUPKEXj2VxP1UaMnq8IcHBw5VwCEKwvRg&dongle=013b
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame C08B 0
125 B 178ms
33ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-3oivyYUPKEXj2VxP1UaMnq8IcHAL-Fm8OzM0wA

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame C08B 43 B
164 B 174ms
43ms Image
image/gif 37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-HvbKNYUPKEXj2VxP1UaMnq8IcHBbyKXU_5hKpQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
last-modified: Tue, 09 May 2023 09:46:55 GMT
server: nginx
accept-ranges: bytes
etag: "645a168f-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame C08B 49 B
235 B 175ms
50ms Image
image/gif 185.255.84.153
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-cG2NoIUPKEXj2VxP1UaMnq8IcHBivdhlrj9kaQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.153 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:47 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame C08B
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TSDOsIUPKEXj2VxP1UaMnq8IcHCTadKW01XDGA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TSDOsIUPKEXj2VxP1UaMnq8IcHCTadKW01XDGA&C=1

43 B
766 B

41ms
41ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-TSDOsIUPKEXj2VxP1UaMnq8IcHCTadKW01XDGA&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jul 2023 03:25:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 18 Jul 2023 03:25:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-TSDOsIUPKEXj2VxP1UaMnq8IcHCTadKW01XDGA&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame C08B
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=O7xRnsFvF7L-AvkVgKMKPxwBxENv1utE
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=O7xRnsFvF7L-AvkVgKMKPxwBxENv1utE

42 B
942 B

108ms
107ms

Image
image/gif

52.31.139.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=O7xRnsFvF7L-AvkVgKMKPxwBxENv1utE

Protocol

HTTP/1.1

Server

52.31.139.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-139-111.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v050-096fd6b03.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: lJ+YpqzHRDI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-0ae218911.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Luutf44GSug=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=O7xRnsFvF7L-AvkVgKMKPxwBxENv1utE
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame C08B 43 B
1 KB 104ms
32ms Image
image/gif 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-LliSZYUPKEXj2VxP1UaMnq8IcHATR6UyQfT_2Q

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 18 Jul 2023 03:25:47 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame C08B
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-9PyplIUPKEXj2VxP1UaMnq8IcHABz2ruWflovA
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-9PyplIUPKEXj2VxP1UaMnq8IcHABz2ruWflovA

43 B
446 B

57ms
56ms

Image
image/gif

99.81.60.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-9PyplIUPKEXj2VxP1UaMnq8IcHABz2ruWflovA
Protocol: H2
Server: 99.81.60.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-60-149.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 Jul 2023 03:25:48 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-9PyplIUPKEXj2VxP1UaMnq8IcHABz2ruWflovA
access-control-allow-origin: *
date: Tue, 18 Jul 2023 03:25:48 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame C08B 42 B
274 B 120ms
37ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-m_-89oUPKEXj2VxP1UaMnq8IcHCX6ZJKwEF_ow
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:47 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame C08B 0
880 B 134ms
49ms Image
text/html 18.192.135.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-s-knRIUPKEXj2VxP1UaMnq8IcHAX_Li0Cg5hqQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-227.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame C08B 0
145 B 626ms
143ms Image
text/plain 64.74.236.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-pTOVQYUPKEXj2VxP1UaMnq8IcHCtGZ0YFG3t1g&initiator=partner
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 03:25:48 GMT
Cache-Control: no-cache
X-TraceId: 81e8038483382613458cd469c162ea8c
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame C08B 42 B
585 B 203ms
58ms Image
image/gif 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-63BRs4UPKEXj2VxP1UaMnq8IcHC7rPXAnCNFGQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 18 Jul 2023 03:25:48 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame C08B 43 B
400 B 361ms
114ms Image
image/gif 2600:1f18:612b:4232:6002:dd61:700b:6e32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-p4RpiIUPKEXj2VxP1UaMnq8IcHDopKFXmjDz-A
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:6002:dd61:700b:6e32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 18 Jul 2023 03:25:48 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame C08B 43 B
153 B 163ms
50ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-qPP2x4UPKEXj2VxP1UaMnq8IcHDBOB7dLzNRKw
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 18 Jul 2023 03:25:48 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame C08B 0
400 B 132ms
48ms Image
text/plain 184.30.17.243
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-0zq8jYUPKEXj2VxP1UaMnq8IcHDCp111gAn-7w
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-243.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 18 Jul 2023 03:25:48 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 17 Jul 2023 03:25:48 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame C08B 0
38 B 232ms
56ms Image
text/plain 52.30.155.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-bMswJYUPKEXj2VxP1UaMnq8IcHBpfYvHFoHyHw&pn_id=criteo&ext=1
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.155.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-155-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame C08B 0
44 B 139ms
34ms Image
text/plain 52.59.13.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-3orqaoUPKEXj2VxP1UaMnq8IcHB861C4HDee2g
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CT8kb3K%2FbVh39ZG3NItvA%2F6i3vAgl7OtiQUtnLNyQU9U%3D%7C&c1=JrbohDAzizBCiLKN5O6jHaciAGCxxZxhz-rXaRM-9rGIUsm7h7ieQmLBDGPkyiLsdbM7-4q1VzYay9_T6Y1oi4b2ZGTiAc3QwA4IL0NnmNXTP3WTQ88I2VZkIoTbX4TuuIYzE4NgZv1zBL7ehoYID5ESnTlqUXCLI6EqKPNorj4c2xWcHaa4e64X6TxE4IkEFZmvDIDJWEJ1WaObROOUDQYLBuUkkPEr00xb1-QHOcFx_IpFY1IQ8laz3EaYKq4O2OsR2Lwfi3cNgtTj8Sqlcf8dkNa-VjVFR5LQSh2-GFRHVl9Y6N7mpTTaCxm17-iFoW5zPttxsrPVjUwAnYYUYL-El-n-XsYlrNR_cguL1ih9dtVsDUHRrBQekJeWZSozrG4FGETiUt1L9Iyuslios7rQaTWVXc0mDtZF4-MOp1JxwpiYelptoEWArraQvwSMXIro7J8zZkY0OmygYlZA9S_i11UtarcOTQ8Y-Jtt630Fa3VSpm_SqGTcm2M5VM0J7EFOOWcuNZMYEUQeIvs_sSaUDVgvDGRittYVx2eZpOy6FdsXkWTW8ZdnZVeIJrBpXRJ2WHuPSRsVcUIKVfnS7g--mqzahmEa76WLZoMsK6d137jfeWurNrnYC8jkmIxAm82jpXrLlf45cMC_pboEh_OJBeJVMDev06WlDB3jyFflZ5DuVkxf1A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.13.76 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-13-76.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
server: awselb/2.0

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame A547 2 KB
899 B 46ms
44ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Jul 2024 03:25:48 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame A547 2 KB
900 B 48ms
45ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Jul 2024 03:25:48 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame A547 16 KB
17 KB 169ms
83ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 12 Jul 2024 03:25:48 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 118ms
48ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1270fdff4e83686c8a2f040382b78890efec883791c6d1316a585cfbf0d84ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11624
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307110101/pubads_impl.js?cb=31076055

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 03:25:48 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D44 13 KB
5 KB 34ms
30ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 17 Jul 2023 21:35:10 GMT
expires: Tue, 16 Jul 2024 21:35:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C2E2 783 B
1 KB 112ms
40ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

19c6db4b2ddf05678ef3c8cae771f3af934447c736aa16cb5fd1c19945fee70b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-82QJ-xwjSE9xjyLGxM_7dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-82QJ-xwjSE9xjyLGxM_7dw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 03:25:48 GMT
expires: Tue, 18 Jul 2023 03:25:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D44 37 KB
14 KB 97ms
31ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xPjb_p3hYD-gBvDHxI7FAd1aqHiPoTUcw2b5mPTeRvw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 14:04:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 393652
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 03 Jul 2023 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 14:04:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C2E2 0
0 65ms
64ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307110101&jk=3788872779337663&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame C08B
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=5TXcSeY_cEvnDe5DbylbOgwBzbREpnpd

0
338 B

197ms
56ms

Image
text/plain

34.252.7.215
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=5TXcSeY_cEvnDe5DbylbOgwBzbREpnpd
Protocol: H2
Server: 34.252.7.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-252-7-215.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n007-dub-prod.krxd.net
date: Tue, 18 Jul 2023 03:25:49 GMT
cache-control: private, no-cache, no-store
x-request-time: D=44 t=1689650749
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=5TXcSeY_cEvnDe5DbylbOgwBzbREpnpd
date: Tue, 18 Jul 2023 03:25:48 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 511362
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6D44 0
10 B 29ms
29ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Nkr0bw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2421 42 B
174 B 67ms
66ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsveILx1o0DYp9aZAySqqbn6FzByOdLlNbEFh5DqJHQj15PTQo9XEM0sLPAPzcvgP_JQlZqDuSmcEt-cXn7j7DAFxuzWXkjkZfG5v26ojNPAB6aS_rpE&sig=Cg0ArKJSzPtRXwlhAiqCEAE&id=lidar2&mcvt=1000&p=440,315,534,1285&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230717&bin=7&avms=nio&bs=1600,1200&mc=0.95&vu=1&app=0&itpl=19&adk=1696759606&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689650747771&rpt=120&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2A72 42 B
64 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrQyHzx4aKlsPh76nAQbXQcZ7lP90CLGlXwyMqN1CQk5_3jbs9NX2ibIiouu77l5Uu5jpu9XAF3UvrpbJ-cRZgmEL8FVKxTLc9WG3PyrO3K2y_io76&sig=Cg0ArKJSzONqzuFBVgXZEAE&id=lidar2&mcvt=1000&p=666,1091,916,1391&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230717&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2861055222&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689650747790&rpt=192&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F4D4 42 B
64 B 67ms
66ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuCpIKovn22qhxIfBJVMZZLx3FNQoEMjqdK8HHvSdkpy1X0HqGWOhD-G92t5VnbXGVerTHjxej2T0U2smp0GLf3Il1_cKbTpYNNLLuWr5dt-dPCG6Jl&sig=Cg0ArKJSzCt-auwulV_MEAE&id=lidar2&mcvt=1000&p=950,1091,1200,1391&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230717&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=3809685794&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1689650747803&rpt=208&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cs
s.thebrighttag.com/ Frame C08B
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=2L2jf7ErVT7cAPKHD73ovwFL4djuVw8w

35 B
267 B

407ms
128ms

Image
image/gif

3.130.44.66
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=2L2jf7ErVT7cAPKHD73ovwFL4djuVw8w
Protocol: H2
Server: 3.130.44.66 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-130-44-66.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:49 GMT
x-bt-requestid: cab1ee60-251a-11ee-8e08-0000ac170312
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=2L2jf7ErVT7cAPKHD73ovwFL4djuVw8w
date: Tue, 18 Jul 2023 03:25:48 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 831659
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame A547 0
127 B 42ms
42ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 18 Jul 2023 03:25:48 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 68ms
68ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307110101&jk=3788872779337663&bg=!dXaldiLNAAa3SiIRl0o7ADkAdvg8Wr2FvrIaECoOC_sd2pJ9FJqC19-d5ueKfMIAQqHhPeXxhOaTiIAn3B4iQZNuL4u1Vcy3XyYCAAAAR1IAAAAGaAEHmQKpZsbxhCs-P8VQK47piehQ5zV3pjq822dnsG_5M0_1s141MzaimV-Si-6DH3vqDFaWslkruAAcYBylV2lGJJO8RE3Cx7lf1WndJedD68wVCf0Ab6sy3GA46EXNHuaPBG8AFaXDF4kMyiVAe4Q0fosYO11Fv0reg04d7bSce0hyyVX8sK_QF9gRS2_FoYPAfp6Ju96CiBHeuYYG_NazmsOBIRmBumoF85HoSimQBkpYiZRJZnRKgYKuNynddIxqzM-FcMrOFoVChSI23QpVBlC6j7gaLzX--HkuL91KyLz-fRxRcB8EDb5zy-wrQDqejHDtvTfvIA013kKydWOZTIEL2wCAxxayhKgD6ugYXAbZWrPRsACdbjL20Z3FAqKiZrsSeuJ_9OOviUjdUkg9MLsLQPruOe6tWrU3_toJuDOBIXfm_mwYSBMQxiTrSkz4JvOpLvir70uLDNow5A1GuNE9-dkd2ci3dTGDlTakHZZO-4s7SSLKswdw-o6geav3zHjoxSlBbbCFQ4Ts65JuhShb3LN8GoTB-Z8jcsoO5QBWwjpnqBvLBBfUL02gp8QB_YpPTBwXptHeNtQPUayHtm8tbyoWvbquD3HAHmzeZgP_AUjCIgFa484_BmtR4x_rkO9Tp4P9-6CbYm_btK8iXr-U76o5blPLb_Ln1MN1kcb_K8rnyYcXzb_rRnHtHH4nk_K-xc6WUY3bW-XSgbz7FdtMc-__nxw_W_ED3U_Z-h7HrkbknPI-LtTjGbtQDM_SmGBUL_viaI5j37fcQPuLXpX0hP6uLK6lfRowQinXz9bZFweejw7WoFA2vIoxNXOecEVJU_QhJ8t_p0xgY2uH2xR4MAvld_iG_8BYFLd5R7AL1UtJ2AcRVP3z1s-NxQ0Ws2ytnHRXK5gexLXO
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 48ms
48ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Jul 2023 03:25:49 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5248 15 KB
6 KB 49ms
49ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wheregoes.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Jul 2023 03:25:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 587385
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 56ms
55ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-17893"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 19 Jul 2023 03:25:49 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5248
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=wheregoes.com&sn=ChromeSyncframe&so=3&topUrl=wheregoes.com&bundle=UBIGj19QZW1NbEhIZlpjJTJCTlh2bjFGQ0hteDl6SWRVc0hROXk4NGxxVGlyck5mTHdsVTVU...
https://mug.criteo.com/sid?cpp=NTi5CHwwdVpXNnJyQVVSemRTTEN5V3Z0VTVzMnFmeWkwSlJOeFNTd1pHR1ZHSncyd3J4NEMvajhWa3VuckxPZ0RLck5YZUZIeHc2T3AxZTBvUGkwR2g1cmRqMXhtRXBtdXV3Vk1wUWRlSDFsWWFqTUNFWlNDdGoxMG9jR0...

449 B
675 B

36ms
36ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=NTi5CHwwdVpXNnJyQVVSemRTTEN5V3Z0VTVzMnFmeWkwSlJOeFNTd1pHR1ZHSncyd3J4NEMvajhWa3VuckxPZ0RLck5YZUZIeHc2T3AxZTBvUGkwR2g1cmRqMXhtRXBtdXV3Vk1wUWRlSDFsWWFqTUNFWlNDdGoxMG9jR0lKU2h2WU1NQjNKd2c4WkVFSWIvVWZiMVlPc2l6b0NoOTdXR3hSYUh2K2x5ckxwd3ZVVTkyVUJsYXVGdmxKYm9XVHpGeFNEY2crYTF5cUF2dktad0NuZG1TS0VDN3kvL2diOTBuMktKKzNYUzlTUGtFNnVVRmlsSi9KRFZEblJpWTRQWFNVQnk0V3lCOGY3YjRIUFUvUTZYSGUxTHZRWUNJdkNuc2I0azltcERFbEE5ck1ZND18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

00f3d33309e46214491e783c06ee55b37c25e70f41d7112437bcc19ddd35261b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 758579
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:49 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=NTi5CHwwdVpXNnJyQVVSemRTTEN5V3Z0VTVzMnFmeWkwSlJOeFNTd1pHR1ZHSncyd3J4NEMvajhWa3VuckxPZ0RLck5YZUZIeHc2T3AxZTBvUGkwR2g1cmRqMXhtRXBtdXV3Vk1wUWRlSDFsWWFqTUNFWlNDdGoxMG9jR0lKU2h2WU1NQjNKd2c4WkVFSWIvVWZiMVlPc2l6b0NoOTdXR3hSYUh2K2x5ckxwd3ZVVTkyVUJsYXVGdmxKYm9XVHpGeFNEY2crYTF5cUF2dktad0NuZG1TS0VDN3kvL2diOTBuMktKKzNYUzlTUGtFNnVVRmlsSi9KRFZEblJpWTRQWFNVQnk0V3lCOGY3YjRIUFUvUTZYSGUxTHZRWUNJdkNuc2I0azltcERFbEE5ck1ZND18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 245568
content-length: 0
expires: 0

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame E6D2 24 KB
8 KB 60ms
59ms Document
text/html 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a6f71b88326bcf1206038c02c0404658b5a65e757e38c80ee4121dc796475668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=133814
content-encoding: gzip
content-length: 8513
content-type: text/html; charset=UTF-8
date: Tue, 18 Jul 2023 03:25:50 GMT
expires: Wed, 19 Jul 2023 16:36:04 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 096C 9 KB
4 KB 118ms
29ms Document
text/html 13.32.99.50

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.50 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d5a6e08bb0e8edc55e4e204d4b98729de4e1ae37db44e357b1d28a9463dc215

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66283
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Mon, 17 Jul 2023 09:01:08 GMT
etag: W/"481f0eb11193eeaea6a690e5c66c57a4"
last-modified: Wed, 07 Jun 2023 17:56:33 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
x-amz-cf-id: pW3RL84kORb0heU2n7lQftLFP53vpX9CUBD7BEX8FLKNMjIrnK88nQ==
x-amz-cf-pop: FRA60-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0c92ffba-51e2-4731-859f-5f9f5816d5c0
x-amz-meta-codebuild-content-md5: 0784681e688ba45904ac0a64aa0b0a6b
x-amz-meta-codebuild-content-sha256: 956b79d89029f14eaea1f363768b0942a0576bc42557ef6c8f6cc53fdc4d8515
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 204 /
onetag-sys.com/usync/ Frame B37A 0
0 32ms
32ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1689650747407

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5E33 52 KB
17 KB 156ms
47ms Document
text/html 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 67518
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 18 Jul 2023 03:25:50 GMT
ETag: W/"623de86a-cf34"
Expires: Sun, 16 Jul 2023 08:40:30 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 445, 182091
X-Served-By: cache-lga13626-LGA, cache-cph2320041-CPH
X-Timer: S1689650751.742128,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame F671 281 B
554 B 29ms
29ms Document
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1689650400000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 18 Jul 2023 03:25:50 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame F671 34 KB
10 KB 33ms
33ms Script
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d16b7e791947e153bd624220a710934e78b687ddb2ff2315adf78da32a953431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 03:25:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 01:54:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=80899
Connection: keep-alive
Content-Length: 10114
Expires: Wed, 19 Jul 2023 01:54:09 GMT

GET log
c21lg-d.media.net/ Frame E6D2 0
0

GET
H2 200 13926
g2.gumgum.com/usync/ Frame D818 4 KB
2 KB 196ms
54ms Document
text/html 34.241.189.173

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.241.189.173 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 18 Jul 2023 03:25:50 GMT
etag: W/"02f3166e3f8301ebede47cc4abd91e47b"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame 7E5A 0
0 33ms
32ms Document
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET sync
ssbsync.smartadserver.com/api/ Frame 1174 0
0

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 1593 2 KB
2 KB 131ms
45ms Document
text/html 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 7ee746d40b2b79bde59cf46ebdf01d3d76d7537f177f91ddd66f79042e3364f2

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1765
Content-Type: text/html
Date: Tue, 18 Jul 2023 03:25:50 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FD2E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

29ms
29ms

Document
text/html

72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 18 Jul 2023 03:25:50 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 18 Jul 2023 03:25:50 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BBA9 15 KB
6 KB 150ms
42ms Document
text/html 23.32.184.192

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=57238
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Tue, 18 Jul 2023 03:25:50 GMT
expires: Tue, 18 Jul 2023 19:19:48 GMT
last-modified: Tue, 11 Jul 2023 09:39:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame F053 0
526 B 178ms
54ms Document
text/html 2600:9000:223f:3800:1f:4c18:bd40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:3800:1f:4c18:bd40:93a1 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Tue, 18 Jul 2023 03:25:50 GMT
server: istio-envoy
via: 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
x-amz-cf-id: jJ6aXa3lVPGXytrcK1xMAKnBKRqJ00DKBk_tODJUxz5VbqFLDqgVLg==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame B7D7 0
160 B 124ms
37ms Document
text/plain 77.245.57.72

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Tue, 18 Jul 2023 03:25:50 GMT
Pragma: no-cache
Server: nginx

GET sync-iframe
cs-server-s2s.yellowblue.io/ Frame E15C 0
0

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame 4108 16 KB
6 KB 124ms
29ms Document
text/html 2606:2800:233:f76:14f7:d635:25c4:c8d7

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:f76:14f7:d635:25c4:c8d7 -, , ASN (),
Reverse DNS
Software: ECAcc (frc/4CFA) /
Resource Hash: e40158b722a1dd6f4126a32292e5281e026c3a011124aaaa31911292aeebb4d3

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age: 386
cache-control: max-age=900
content-encoding: gzip
content-length: 5982
content-md5: LEKRb+dDodMGZNnV5iGn5Q==
content-type: text/html; charset=utf-8
date: Tue, 18 Jul 2023 03:25:50 GMT
etag: 0230cb2d-7adc-4c08-b347-25a3ff3af06b
expires: Tue, 18 Jul 2023 03:40:50 GMT
last-modified: Fri, 14 Jul 2023 17:12:37 GMT
opc-request-id: iad-1:1D_-WQ27kuGhSdwb-IhjA1qU6uRb9UFawvzDlbKGAs5rGd-JgK16MOXi5yaDuF7T
server: ECAcc (frc/4CFA)
storage-tier: Standard
vary: Accept-Encoding
version-id: cfdc7a77-2051-4994-ba67-f5c4beb2cdc2
x-api-id: native
x-cache: HIT

GET
H2

200

sync
ads.servenobid.com/ Frame 096C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=3380780347506052618

0
344 B

52ms
51ms

Image
image/avif

34.254.128.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=3380780347506052618
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.254.128.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-128-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:50 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:50 GMT
an-x-request-uuid: f725c7ed-1aaa-4f59-84b0-a484bf287fdb
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://ads.servenobid.com/sync?pid=312&uid=3380780347506052618
x-proxy-origin: 84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

sync
ads.servenobid.com/ Frame 096C
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=G_8NvRZHDIDuFAniTo6sA3x8

0
0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 096C 0
277 B 56ms
54ms Image
text/plain 216.52.2.86
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 18 Jul 2023 03:25:50 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET

cs
ad.turn.com/r/ Frame 096C
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1689650750868
https://ad.turn.com/r/cs?pid=45&rndcb=3937440427

0
0

GET cm
p.rfihub.com/ Frame 096C 0
0

GET usa
sync.go.sonobi.com/ Frame 096C 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 096C
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=

0
252 B

52ms
51ms

Image
image/avif

34.254.128.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.254.128.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-128-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:50 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=
date: Tue, 18 Jul 2023 03:25:50 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58559/ Frame 096C 0
15 B 35ms
33ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58559/occ

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:50 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET redirectuser
ssp.disqus.com/ Frame 096C 0
0

GET
H2 204 occ
ups.analytics.yahoo.com/ups/58632/ Frame 096C 0
38 B 35ms
33ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58632/occ

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:50 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 096C 0
359 B 31ms
29ms Image
text/plain 3.66.4.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.4.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-4-34.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:50 GMT

GET

sync
ads.servenobid.com/ Frame 096C
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
0

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 5E33 0
595 B 44ms
43ms Script
text/html 37.252.172.123
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 18 Jul 2023 03:25:50 GMT
an-x-request-uuid: 9d1eff66-ff17-4c12-bd70-dd7e5237eb82
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 84.19.175.183; 84.19.175.183; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET rrum
dsum-sec.casalemedia.com/ Frame 1593 0
0

GET dcm
s.amazon-adsystem.com/ Frame 1593 0
0

GET

usermatchredir
ssum-sec.casalemedia.com/ Frame 1593
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZLYGPDb-j6u7J1NNf_6TWgAAFFIAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN2xHjLZg7x6kVWsA-zT2gE&google_cver=1

0
0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 1593 70 B
264 B 57ms
56ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 18 Jul 2023 03:25:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET pm_match
um.simpli.fi/ Frame 1593 0
0

GET

crum
dsum-sec.casalemedia.com/ Frame 1593
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3380780347506052618

0
0

GET sync
ssbsync.smartadserver.com/api/ Frame 1593 0
0

GET bridge
cm.adgrx.com/ Frame 1593 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 1593 0
357 B 52ms
51ms Image
image/avif 34.254.128.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZLYGPDb-j6u7J1NNf_6TWgAAFFIAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.128.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-128-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:25:50 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET services
sync.technoratimedia.com/ Frame 4108 0
0

GET PugMaster
image6.pubmatic.com/AdServer/ Frame BBA9 0
0

GET
H/1.1 200
OK usync.js
eus.rubiconproject.com/ Frame FD2E 34 KB
10 KB 33ms
32ms Script
text/html 72.246.169.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.246.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Tue, 18 Jul 2023 03:25:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 18 Jul 2023 01:54:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=80899
Connection: keep-alive
Content-Length: 10114
Expires: Wed, 19 Jul 2023 01:54:09 GMT

GET getuid
secure.adnxs.com/ Frame D818 0
0

GET sync
x.bidswitch.net/ Frame D818 0
0

GET redirectObuid
sync.outbrain.com/ Frame D818 0
0

GET cm
us-u.openx.net/w/1.0/ Frame D818 0
0

GET sync
sync.srv.stackadapt.com/ Frame D818 0
0

GET gumgum
pr-bh.ybp.yahoo.com/sync/ Frame D818 0
0

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame D818 0
0

GET services
sync.technoratimedia.com/ Frame D818 0
0

GET 142
match.deepintent.com/usersync/ Frame D818 0
0

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame D818 0
0

GET server_match
ad.360yield.com/ Frame D818 0
0

GET rtset
bh.contextweb.com/bh/ Frame D818 0
0

GET sync
ssbsync.smartadserver.com/api/ Frame D818 0
0

GET sync
ads.servenobid.com/ Frame D818 0
0

GET URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 92FB 0
0

GET pixel
cm.g.doubleclick.net/ Frame 7ACF 0
0

GET user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A732 0
0

GET generic
match.adsrvr.org/track/cmf/ Frame 5CEF 0
0

GET idsync
tg.socdm.com/aux/ Frame 4587 0
0

GET gumgum
cs.admanmedia.com/sync/ Frame DAEA 0
0

GET usermatchredir
ssum-sec.casalemedia.com/ Frame 0AAC 0
0

GET cm-notify
creativecdn.com/ Frame 86C0 0
0

GET multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 49F9 0
0

GET sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame FD2E 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c21lg-d.media.net
URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3326523487631170000V10&origin=1&flt=0

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Domain: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=310&uid=G_8NvRZHDIDuFAniTo6sA3x8

Domain: ad.turn.com
URL: https://ad.turn.com/r/cs?pid=45&rndcb=3937440427

Domain: p.rfihub.com
URL: https://p.rfihub.com/cm?pub=44007&in=1

Domain: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Domain: ssp.disqus.com
URL: https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZLYGPDb-j6u7J1NNf_6TWgAAFFIAAAIB&gpp=&gpp_sid=

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEN2xHjLZg7x6kVWsA-zT2gE&google_cver=1

Domain: um.simpli.fi
URL: https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID

Domain: dsum-sec.casalemedia.com
URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=3380780347506052618

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d

Domain: cm.adgrx.com
URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D&att=99

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=78731850&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-

Domain: secure.adnxs.com
URL: https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_fdd40bff-43bd-4652-90e8-f03f2d1dc265&gdpr=0&gdpr_consent=&us_privacy=1---

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D

Domain: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_fdd40bff-43bd-4652-90e8-f03f2d1dc265&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

Domain: ad.360yield.com
URL: https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D

Domain: bh.contextweb.com
URL: https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25

Domain: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/sync?pid=309&uid=e_fdd40bff-43bd-4652-90e8-f03f2d1dc265

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9mZGQ0MGJmZi00M2JkLTQ2NTItOTBlOC1mMDNmMmQxZGMyNjU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=

Domain: match.adsrvr.org
URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=

Domain: tg.socdm.com
URL: https://tg.socdm.com/aux/idsync?proto=gumgum

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/gumgum?puid=e_fdd40bff-43bd-4652-90e8-f03f2d1dc265&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---

Domain: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D

Domain: creativecdn.com
URL: https://creativecdn.com/cm-notify?pi=gumgum

Domain: secure-assets.rubiconproject.com
URL: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum

Domain: pixel-us-east.rubiconproject.com
URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LK7QFGO4-19-21Z2

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-20 22:06:26	Name: khaos Value: LK7QFGO4-19-21Z2
.rubiconproject.com/	1970-01-20 22:06:26	Name: audit Value: 1\|hLZGFuTafB3+ODadgLOcD+bASkO6QPb7E03ikE5KqM2IFJ6YTHprVtf1VkEXH51duVM0bP5nQ80zgHlbzd1OQIn0kEOGVL/NzxTqj0kKQGgijy0RC4Zd8RuybVyVU0yt
.criteo.com/	1970-01-20 22:42:26	Name: uid Value: 46775a46-1aa8-4922-81e8-f51ddb73967e
.wheregoes.com/	1970-01-20 22:42:26	Name: __gads Value: ID=05aa2dbb090ca4e6:T=1689650747:RT=1689650747:S=ALNI_MZendaKU6PDFADaJqXzBVnmT_ecHw
.wheregoes.com/	1970-01-20 22:42:26	Name: __gpi Value: UID=00000c3ebededb1f:T=1689650747:RT=1689650747:S=ALNI_MZeoaZavpTvl_OdNsjCh7ywsyq8WQ
.doubleclick.net/	1970-01-20 22:42:26	Name: IDE Value: AHWqTUkwzbYcIup1HXYqRnNoi-ShIZNYGXVub3WZcRValvJGoSFeKnW2C83pDZ70N0A
.adnxs.com/	1970-01-20 15:30:26	Name: uuid2 Value: 3380780347506052618
.adnxs.com/	1970-01-20 15:30:26	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2Il`ejQw+!]tbPl@/D!9hy6]/Cr+ia(CTA4Kqt'5)Y6q]@TK94xs:hi+'Xqdt=WPgPgDu4f<enB`YDVRQYK*%nugO%v4VB%npv#+O/XY
match.sharethrough.com/	1970-01-20 13:30:55	Name: AWSALBCORS Value: WWAt91U0emoJHf+Xb4h8pJFoDVlQpgCyFAz7NTHQwlnnYmju+HNCgSflEwtvyWRExlXXCEyHfXCVP4r0wng5xQB7m8xBcgI34eeXMqiDZ2dPTPpeAPLHlN3X92/d
.media.net/	1970-01-20 22:06:26	Name: visitor-id Value: 3326523487631170000V10
.media.net/	1970-01-20 14:04:02	Name: data-c-ts Value: 1689650748
.media.net/	1970-01-20 14:04:02	Name: data-c Value: k-THCc-IUPKEXj2VxP1UaMnq8IcHCpYlOY1yh4ow~~3
.yahoo.com/	1970-01-20 22:06:48	Name: A3 Value: d=AQABBDwGtmQCEPWsjhWbqareeBDt2RJHUOAFEgEBAQFXt2S_ZAAAAAAA_eMAAA&S=AQAAAnpgnLkYOHyPBOHb7-vn0Ho
.id5-sync.com/	1970-01-20 13:20:51	Name: cf Value:
.id5-sync.com/	1970-01-20 13:20:51	Name: cip Value:
.id5-sync.com/	1970-01-20 13:20:51	Name: cnac Value:
.id5-sync.com/	1970-01-20 13:20:51	Name: car Value:
.id5-sync.com/	1970-01-20 13:20:51	Name: gdpr Value:
.id5-sync.com/	1970-01-20 13:20:51	Name: callback Value:
.casalemedia.com/	1970-01-20 22:06:26	Name: CMID Value: ZLYGPDb.j6u7J1NNf-6TWgAA
.casalemedia.com/	1970-01-20 15:30:26	Name: CMPS Value: 5202
.casalemedia.com/	1970-01-20 15:30:26	Name: CMPRO Value: 5202
exchange.mediavine.com/	1970-01-20 13:41:00	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22ca1d2870-251a-11ee-95c0-1d99725498dd%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:41:00	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ca1d2870-251a-11ee-95c0-1d99725498dd%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:41:00	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22ca1d2870-251a-11ee-95c0-1d99725498dd%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:41:00	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22ca1d2870-251a-11ee-95c0-1d99725498dd%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:41:00	Name: criteo Value: %7B%22id%22%3A%22k-s-knRIUPKEXj2VxP1UaMnq8IcHAX_Li0Cg5hqQ%22%2C%22version%22%3A%22criteo%22%7D
.linkedin.com/	1970-01-20 22:06:26	Name: bcookie Value: "v=2&ce458cad-0ee9-4f1e-8659-95560a4d55fb"
.linkedin.com/	1970-01-20 17:40:02	Name: li_gc Value: MTswOzE2ODk2NTA3NDg7MjswMjG8sKHHl/4S0Ymd8Y87RbWIkSj9JF9qUYmiAmVfYaKYxQ==
.linkedin.com/	1970-01-20 13:22:17	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2542:u=1:x=1:i=1689650748:t=1689737148:v=2:sig=AQFTgpoDetq329XmdRNkhdRIzDgqdnfX"
.amazon-adsystem.com/	1970-01-20 22:56:50	Name: ad-privacy Value: 0
.360yield.com/	1970-01-20 15:30:26	Name: tuuid Value: 1ec07279-8686-47a0-bbb3-0082278f890a
.360yield.com/	1970-01-20 15:30:26	Name: tuuid_lu Value: 1689650748
.pubmatic.com/	1970-01-20 14:04:02	Name: KRTBCOOKIE_97 Value: 3385-uid:k-63BRs4UPKEXj2VxP1UaMnq8IcHC7rPXAnCNFGQ&KRTB&23144-uid:k-63BRs4UPKEXj2VxP1UaMnq8IcHC7rPXAnCNFGQ&KRTB&23286-uid:k-63BRs4UPKEXj2VxP1UaMnq8IcHC7rPXAnCNFGQ&KRTB&23287-uid:k-63BRs4UPKEXj2VxP1UaMnq8IcHC7rPXAnCNFGQ
.pubmatic.com/	1970-01-20 14:04:02	Name: PugT Value: 1689650748
.360yield.com/	1970-01-20 15:30:26	Name: um Value: !38,bBodynVTawnkL6nTRkpnrUWkdTqorJF8rpc-j2JigszdsyFWb7Vrol1JnO5fQu7gQhy1oKoh,1697426748
.360yield.com/	1970-01-20 15:30:26	Name: umeh Value: !38,0,1751858748,-1
.amazon-adsystem.com/	1970-01-20 19:32:21	Name: ad-id Value: A5165Pvt4UfVvaijJ8f1fjE
.demdex.net/	1970-01-20 17:40:02	Name: demdex Value: 58078186843471389651890794782141640794
.tremorhub.com/	1970-01-20 22:06:47	Name: tvid Value: 2cf91eb66b99409594bdb7ba210ffafe
.tremorhub.com/	1970-01-20 14:04:02	Name: tv_UICR Value: k-p4RpiIUPKEXj2VxP1UaMnq8IcHDopKFXmjDz-A
.dpm.demdex.net/	1970-01-20 17:40:02	Name: dpm Value: 58078186843471389651890794782141640794
.krxd.net/	1970-01-20 17:40:02	Name: _kuid_ Value: PrkuyrkR
.wheregoes.com/	1970-01-20 22:42:26	Name: cto_bundle Value: 4CoVvV9QZW1NbEhIZlpjJTJCTlh2bjFGQ0hteCUyRjlLVVBvaWlTZXU4JTJCT2FCWGpJT1oxUTYlMkZmYWJDYllHTmZaaU56JTJGdFBaMCUyRmY3a1M0b1ZGSmJHdE81djUlMkZDRTAxTUtCTnJIZyUyQlBLY0NPUjZ0YmVsYUpzaWQwU0lXOTh0TXZqM1lTb0l3UEw4U3Q3S1FiVXl4WG9tTHB1ZXBkWFlRJTNEJTNE

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	(Line 1) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

30a68d061e1166e75ce6169c41377d1a.safeframe.googlesyndication.com
a.twiago.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.turn.com
ad.yieldlab.net
ads.eu.criteo.com
ads.pubmatic.com
ads.servenobid.com
ap.lijit.com
api.fouanalytics.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-fra2.rubiconproject.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c21lg-d.media.net
cat.nl3.eu.criteo.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn4.buysellads.net
cdnjs.cloudflare.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csm.eu.criteo.net
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
e1.emxdgt.com
eb2.3lift.com
eus.rubiconproject.com
exchange.mediavine.com
fastlane.rubiconproject.com
g2.gumgum.com
gum.criteo.com
hb-api.omnitagjs.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imageproxy.eu.criteo.net
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.thebrighttag.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
srv.buysellads.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.criteo.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.adkernel.com
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.omnitagjs.com
wheregoes.com
widget.nl3.eu.criteo.com
www.google.com
www.googletagservices.com
x.bidswitch.net
ad.360yield.com
ad.turn.com
ads.pubmatic.com
ads.servenobid.com
b1sync.zemanta.com
bh.contextweb.com
c21lg-d.media.net
cm.adgrx.com
cm.g.doubleclick.net
creativecdn.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
dsum-sec.casalemedia.com
image6.pubmatic.com
match.adsrvr.org
match.deepintent.com
p.rfihub.com
pixel-us-east.rubiconproject.com
pr-bh.ybp.yahoo.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.adnxs.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tg.socdm.com
um.simpli.fi
us-u.openx.net
x.bidswitch.net
13.32.99.50
141.226.228.48
142.250.181.226
145.40.97.66
15.197.193.217
151.101.1.108
151.139.128.10
159.203.25.119
162.19.138.83
178.250.1.11
178.250.1.6
178.250.1.9
178.250.7.11
18.192.135.227
184.30.17.243
185.255.84.151
185.255.84.153
185.64.191.210
185.80.39.216
185.86.138.150
216.52.2.86
23.201.255.110
23.205.93.33
23.32.184.192
2600:1f18:612b:4232:6002:dd61:700b:6e32
2600:9000:223f:3800:1f:4c18:bd40:93a1
2600:9000:2250:1e00:a:e047:753:be1
2602:803:c004:200::140
2602:803:c004:200::154
2606:2800:233:f76:14f7:d635:25c4:c8d7
2606:4700:10::6816:3456
2606:4700:3035::ac43:b70e
2606:4700::6811:190e
2606:4700:e6::ac40:c726
2620:1ec:21::14
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a02:2638:3::12
2a02:2638:3::7
2a02:2638:d::11
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::d
2a04:4e42:200::485
2a05:d018:d29:3605:5ed0:634f:f490:f683
3.130.44.66
3.64.241.131
3.66.4.34
3.71.149.231
34.117.157.22
34.120.63.153
34.241.189.173
34.252.7.215
34.254.128.243
37.157.2.229
37.252.172.123
51.89.9.254
52.30.155.207
52.31.139.111
52.46.128.147
52.59.13.76
52.94.222.140
64.74.236.255
65.9.66.68
69.173.144.139
69.173.144.165
72.246.169.246
76.223.111.18
77.245.57.72
85.215.5.31
95.101.148.20
99.81.215.196
99.81.60.149
00f3d33309e46214491e783c06ee55b37c25e70f41d7112437bcc19ddd35261b
0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
0342caf5f71e32170072af1c52e058903acbf1bb234e8d9289f792f2dc7859d6
047e6dea98c188de6374fc6a644a4e266fcba0924e99d6b31561e3b06fc6c57d
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
089225d23027cb2df449bbaf32a0941b1591f6a4c8f6e0fa1e835256b98f56f0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09f4fc66b54af0a3ab7d4a5172c7930fdd2f0df1c5ba5eb32e343e9a62feb3c9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d5c9372f49bca9aff967d0ffeeba09afc8d5969e4bd355ddde01ebda2a1c0c1
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
17882276150f09461415088bd161e0242ce0327673dc9233e11bf1f7cbe28762
17b79cd9eb83b12737f2faf1cefabba67c4fa3997e88cfb940b39c20bbd8d67c
19c6db4b2ddf05678ef3c8cae771f3af934447c736aa16cb5fd1c19945fee70b
19f4129c1cfc1a9fcb2e94b35853f3d2085c0807564e37971d1ccb6ef2a7e852
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20d3e3cc1340e218d30035033398ccfe72086801df5dfc6fc53d36ec04965a75
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2dc9d95f42a92db449150b60f5914f20d7d69485c8350325153e50b5b0ec524e
2f3a52beaf07f194213758f08179fa1c327d62028bc71337019fd939fc153b5d
2fbcc1508834534cff9d947b309e68956bac07a7a4e0d6bf84e1f4d308b307a3
3077c047c7210f4e52a637ba10a8d5346ed72d4e29956c96aaa8f8aac58d440c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3a9e65159b05329ff5e3a7a98c2a049474d55f332e11a5d86069f7eadaa900b4
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d5a6e08bb0e8edc55e4e204d4b98729de4e1ae37db44e357b1d28a9463dc215
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5aa49f0af3e388fdd29408e87eba4ea66280dc6023105732c233ebc6924784b9
5fff9e51a0d7bba716ccbac58c4a94ebb29698761273a904175ee175c20ab590
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e8e460f4b8686af04784755083d37870c377de25e3fb7445167183987cfb95
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67da2113f958c94d2970d06bdfec32194fd6879fc938ffb4fc23f8ae306016e9
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
68a66c21da9455c2be6c1f0f2e5b5c8e599051932644eb2345321a0b94a16b43
69d04c36bf70f92000666b9ab7e6048411313950fa3555b0299545521fdc4e71
6ab17a93c0f57131626cb4f50e09d463b031b2b21bf72850d6e56578651af1b7
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7be0fca4b46ccb8eb8498bc72662b1c66fd2e544aefd47de43a49907fe5c3160
7bf0ddbb68801eeb839dfcb737224fd0d397d4c4e29c361c496530c5b8a8ba2a
7c885e9db4f124573f8f5d7cf7084dca3610712344530f03ba0ba26c9771ea70
7ee746d40b2b79bde59cf46ebdf01d3d76d7537f177f91ddd66f79042e3364f2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92316450fa26a144d155f88fa0652b5c1da8fc17dcfddd2e1b8b8d62826ca3ca
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9b3374d112be213b5b17e955b7425a1ac0f96b7b7f032d2c159cf795fcc84a54
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1270fdff4e83686c8a2f040382b78890efec883791c6d1316a585cfbf0d84ae
a1558e7e37a4710341c8eff3ba393984aed67fc993f9f950a8233e69b80ea7d7
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6f71b88326bcf1206038c02c0404658b5a65e757e38c80ee4121dc796475668
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a89068fdd90948d24e0c047a2e75416ca717ca08b79a33caf43c3303b271d6b9
aab3567f59048814414d58990510744ce0f0a2ac3489bd1e76754b71b56e6d0b
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f37a5d48012b60d0912d3469d5d2e1557238e8b91695dbdfa4abf4519aae6e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbac5b873b97dc6ecf39dd6ef9f6272800973449b21f7de8eb524e2cbf12444b
bdfaef8c844bc0a0f53e2cf893d28a1fdcd920bcea0a118a04df0bf4797b788c
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4f8dbfe9de1603fa006f0c7c48ec501dd5aa8788fa1351cc366f998f4de46fc
c72f57881ea9665da29cc614802f61a04084e06b14de9f1d79ce26273e66a991
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
d0f2ece5fb0ba96dcaf1db5c9b28c9e4e5a4dee837c3b1302dc7c10b0f4f35c4
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d16b7e791947e153bd624220a710934e78b687ddb2ff2315adf78da32a953431
d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2
de8279221cec92147e41e962754da2e9667fe862dc94f192566fa7bec3d11f11
deb428f7b8dc8e920a46777cd7f0d271923623abedb2e7bdf397a3f76fc2f43a
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e27d34e90a322fc13a0bb7c698698396048dce37d2481edc363af98257a3ecf8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40158b722a1dd6f4126a32292e5281e026c3a011124aaaa31911292aeebb4d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f13a6828e9fd2b875b175a9ed2799b7980742da04d026e9e3a9a3234b0e14199
f17e1efa078054a519093a5c87dbb77da3336318bed0abfa3ea9cd2ab785a5e7
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f73f21b045d1f7f1e1599bead29048eea0b90ce140f35761630840340707f45f
f7c18e6a8c0fae807d3b2657c88722d268414bd862dfdb8af26c24a553b2d3ac
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

wheregoes.com Open in urlscan Pro 2606:4700:3035::ac43:b70e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

205 Requests

70 %HTTPS

32 %IPv6

69 Domains

102 Subdomains

74 IPs

8 Countries

1281 kBTransfer

3298 kBSize

44 Cookies

1 Outgoing links

Redirected requests

205 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wheregoes.com Open in urlscan Pro
2606:4700:3035::ac43:b70e Public Scan

Screenshot
Live screenshot

Full Image

205
Requests

70 %
HTTPS

32 %
IPv6

69
Domains

102
Subdomains

74
IPs

8
Countries

1281 kB
Transfer

3298 kB
Size

44
Cookies

205 HTTP transactions
4 data transactions