wheregoes.com Open in urlscan Pro
2606:4700:3034::6815:240d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wheregoes.com/trace/20245505640/
Submission: On October 03 via manual (October 3rd 2024, 2:02:37 pm UTC) from US — Scanned from US

Summary HTTP 69 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 17 domains to perform 69 HTTP transactions. The main IP is 2606:4700:3034::6815:240d, located in United States and belongs to CLOUDFLARENET, US. The main domain is wheregoes.com.
TLS certificate: Issued by WE1 on August 9th 2024. Valid for: 3 months.

This is the only time wheregoes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3034::6815:240d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 23	172.67.183.14 172.67.183.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.67.170.60 172.67.170.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	24.144.70.77 24.144.70.77	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
7	209.85.201.154 209.85.201.154	15169 (GOOGLE) (GOOGLE)
1	159.203.151.34 159.203.151.34	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	34.199.105.107 34.199.105.107	14618 (AMAZON-AES) (AMAZON-AES)
1	34.233.187.24 34.233.187.24	14618 (AMAZON-AES) (AMAZON-AES)
4	2602:803:c002... 2602:803:c002:200::32	26667 (RUBICONPR...) (RUBICONPROJECT)
1	51.222.39.185 51.222.39.185	16276 (OVH) (OVH)
1	195.244.31.10 195.244.31.10	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
1	68.67.160.117 68.67.160.117	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2620:100:a00b... 2620:100:a00b::30	19750 (AS-CRITEO) (AS-CRITEO)
1	209.85.201.157 209.85.201.157	15169 (GOOGLE) (GOOGLE)
6	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:400d:c07::84	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:400d:c0d::84	15169 (GOOGLE) (GOOGLE)
1	209.85.232.99 209.85.232.99	15169 (GOOGLE) (GOOGLE)
69	21

1 2606:4700:3034::6815:240d (United States)

ASN13335 (CLOUDFLARENET, US)

wheregoes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.67.183.14 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

wheregoes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.170.60 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 24.144.70.77 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 209.85.201.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f154.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.151.34 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.105.107 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-105-107.compute-1.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.233.187.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-187-24.compute-1.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c002:200::32 (United States)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.185 (Canada)

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.10 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.160.117 (Colonia, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a00b::30 (United States)

ASN19750 (AS-CRITEO, US)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.201.157 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f157.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c07::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

835030bb7885892d2acca5e4ff5b4b4a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:400d:c0d::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.85.232.99 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f99.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	wheregoes.com 1 redirects wheregoes.com	202 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 835030bb7885892d2acca5e4ff5b4b4a.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 163	274 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215	217 KB
4	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 492	3 KB
3	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 10393	8 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3
1	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 745	493 B
1	media.net prebid.media.net — Cisco Umbrella Rank: 986	1 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 267	2 KB
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4000	920 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 691	218 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 774	676 B
1	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 2764	786 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 26047	650 B
1	w.org s.w.org — Cisco Umbrella Rank: 4537	1 KB
1	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 30352	171 KB
0	criteo.net Failed static.criteo.net Failed
69	17

	Domain	Requested by
24	wheregoes.com	1 redirects wheregoes.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
8	securepubads.g.doubleclick.net	cdn4.buysellads.net securepubads.g.doubleclick.net wheregoes.com pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	fastlane.rubiconproject.com	cdn4.buysellads.net
3	835030bb7885892d2acca5e4ff5b4b4a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	api.fouanalytics.com	wheregoes.com api.fouanalytics.com
1	www.google.com	tpc.googlesyndication.com
1	bidder.criteo.com	cdn4.buysellads.net
1	prebid.media.net	cdn4.buysellads.net
1	ib.adnxs.com	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	onetag-sys.com	cdn4.buysellads.net
1	ap.lijit.com	cdn4.buysellads.net
1	ads.servenobid.com	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	s.w.org	wheregoes.com
1	cdn4.buysellads.net	wheregoes.com
0	static.criteo.net Failed	cdn4.buysellads.net
69	19

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
wheregoes.com WE1	`2024-08-09` - `2024-11-07`	3 months	crt.sh
fouanalytics.com WE1	`2024-08-27` - `2024-11-25`	3 months	crt.sh
*.cdn4.buysellads.net E5	`2024-09-19` - `2024-12-18`	3 months	crt.sh
*.w.org Sectigo ECC Domain Validation Secure Server CA	`2023-12-18` - `2025-01-17`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.buysellads.com E5	`2024-09-19` - `2024-12-18`	3 months	crt.sh
ads.servenobid.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-27`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M03	`2024-02-11` - `2025-03-12`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
prebid.media.net WR3	`2024-08-09` - `2024-11-07`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh
*.google.com WR2	`2024-08-26` - `2024-11-18`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://wheregoes.com/trace/20245505640/
Frame ID: 528F03EEA9F9AEA82F2B94B1916581C3
Requests: 46 HTTP requests in this frame

Frame: https://wheregoes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js
Frame ID: 2EAA2C523A17725A685D2AC7B9362C18
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 92857BAF653040E794DDF73C5CE1B474
Requests: 1 HTTP requests in this frame

Frame: https://835030bb7885892d2acca5e4ff5b4b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D8F7AE0CDBF578FC7CCD63D654C74874
Requests: 1 HTTP requests in this frame

Frame: https://835030bb7885892d2acca5e4ff5b4b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BD1AF79DE4BC9B32EA1A8F7E5564CD51
Requests: 1 HTTP requests in this frame

Frame: https://835030bb7885892d2acca5e4ff5b4b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C07EA47C93AAAFC75CF361C203D4E8DC
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjAxTNcOXfNHaZzk09cEtlzh-5GlGAwlLoLHI_Ou6_JCSMzh776d3tBeam5BMeFT9XHEi1G04B_ZZAuhexJlttO1kYAT9j0tSmcsq1_7iotXF8Bof462Uq6k_7SPnWgmxhkiL0r_-4vQd88Ab9wfnmRaH166mxF87hdrKe9NYLI6jozvJNRGizyA4FrXT7nW2XhnLf810I8qE13tnDQmJIvQ-P0bXTBgePQkdjw8FcXCY49hpoLlVB7vWJly4K3IghvHTC3R2xX3CI1i7p49L3JqnenwNlqwSrYVmV9LzvWNZp85EHq6ZZ1D5QQ0JsmrCxGUs-PHUToz-_WjYXj8qKfsFND5q1CpuRIU1irMMz8WH5zRt2ECAw2v-6gROWNl9ZO1FKO8B7glOVLpxZGIX-owuCzVpC_aJj2nPQrQ&sai=AMfl-YQebO3SXSIB94lia8o7YtB8qrVauSxiNykgNK7vlIxXrDqRKFlIucRBKhXPemUrZs8SiYVOiWsnmVzz-j_doUVeQq6CigszzUjSTSGPsNJ0JRLRzQGtXKNVsSNaRLJfpOnzc3pUMauFZlg-0hvvKg&sig=Cg0ArKJSzAQqI6gHl25pEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 994DC0695B957786A8B7B23968F07115
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuaHpA1CFDeUqWyTxMgQlcgHT1XVLOkwS0xfGSgp_FfxLwNE3sJCWySmdrR_3DF7-QrJHZe4CBGGBjVNsz9mB4UQPl8uPkvGICgTBhwEbxDu0cubkEox5Uj4miEaXabTaOkVACiFxqGYko7gHBym9UlS8xmSPyPFh8Ru1Rq5fGP_CoKLGodyibkzkvx9FuqSl2rm09UKE75D86dbv0UDr5dZLtWuq9MWW7mFsieRyuDvTvVLOBBpJ0lXuQxGtl4zvb9-472PV04gkaV9JEYMeRwv_A6PAlwnxgBBAQQow-W0e1hIU6G-kXap2OtD0dnLlw_CWWS17H19TAUhL-qz-ubRCgpROKcdzeTGAaDlwJkjHOJyPRvDbYLqTY7DBqCyEUZvHjAUC0Mfndiz2Xysz5WMWwq8OWdZA&sai=AMfl-YSdzNTfgLjYx2jGFQxiKINaheUbcHyUwxzuhstaC1DyoKH209uu8cVKr1TLVlOXYZimkzHZ-3RshopxemTjpe6tWWjHzy8w634bYeTdaLgrWA5S8jZrX0wUF1vNnHyZ8NY7EaC2P4wvfF-gKfALTQ&sig=Cg0ArKJSzKkjf5hdk8emEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: B944FE59E97691ADA4BB8511344F8971
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html
Frame ID: 7FBEAA38B644949F59BA256335BBF59C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A63D0F5AF02154B78DD7B653792D160
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trace Results | WhereGoes

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

<form [^>]*id="mc-embedded-subscribe-form"
<form [^>]*name="mc-embedded-subscribe-form"

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

69
Requests

94 %
HTTPS

25 %
IPv6

17
Domains

19
Subdomains

21
IPs

2
Countries

882 kB
Transfer

2627 kB
Size

15
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/WhereGoes_com
Title: Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://wheregoes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://wheregoes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js

69 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wheregoes.com/trace/20245505640/ 19 KB
6 KB 566ms
206ms Document
text/html 2606:4700:3034::6815:240d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/trace/20245505640/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

edd37ebae18007eeae37ce0d88f93c3a895862f79194c1c164330b75e0578235

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8ccd786f7bf83714-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 03 Oct 2024 14:02:32 GMT
link: <https://wheregoes.com/?p=19>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTO7vXJNgwF3rnTWN%2BAYbF9GQbK7sVHX3S48lUockmzu8sgXWXtLja3CbKPpEz9euj8L7bj%2BpVzUTdm9t9ckvMFnREDqE4gBmocn%2B55nCMxP%2FHxWkIeSFXM3wvAuuNpRuzTGmEUxMuc7zNZV"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3 200 speculation
wheregoes.com/cdn-cgi/ 128 B
571 B 48ms
48ms Other
application/speculationrules+json 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wheregoes.com/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://wheregoes.com
Referer: https://wheregoes.com/trace/20245505640/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZPH%2BmYlB1OS8ZZeziwaR0JdZXGkGuxGW%2F0u%2FgtfyQ6emOeNYPAHSZKxZAnxe4gGP4Rw6GJa5KsnafeQDY7nC7rn1GuhfLVCsJu1GVacO0MO9zLNxCvDZ4%2BysVAwN%2Bcf3"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccd7870c900875c-MIA
access-control-allow-origin: https://wheregoes.com
content-length: 128
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H3 200 autoptimize_be802b0078378d06db235ae7effbf46b.css
wheregoes.com/c/cache/autoptimize/css/ 253 KB
89 KB 79ms
79ms Stylesheet
text/css 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/cache/autoptimize/css/autoptimize_be802b0078378d06db235ae7effbf46b.css

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53f700b326f1414787ea7ae51c995e46e608064aaab2597818d083e2e109870f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6699295a-3f29b"
age: 6639601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G%2FU5KpeDZtoFyofYaMcH1P07yXGnVnfKps4yioR8xsXtZJGhpAP3mahJPqaN02f6qB6a0bSEdzyzsOvuB1UJ%2B91TtALDybbfhJFHGkYMUi4bgg8j8v0TPwpSbPCGnYSC"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 18 Jul 2025 14:41:49 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: text/css
last-modified: Thu, 18 Jul 2024 14:40:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ccd7870c904875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 jquery.min.js Show response
wheregoes.com/wp-includes/js/jquery/ 86 KB
31 KB 81ms
80ms Script
application/javascript 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/jquery/jquery.min.js?ver=202410031450

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65534e1d-15601"
age: 143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5kZ2V3kFoK%2FkJhp02th4pKRvjzg0J6mZhxbIPiAwJ7OGiO0kGWitv%2BKjuVUkgjLFuv0GiSrXSYSQmw%2BEh8Tn0tSF8cYTXmAdHhwiptJ82qkVq8FjWjgcrDm2oC9Ad%2Fdp"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 14:00:09 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript
last-modified: Tue, 14 Nov 2023 10:38:21 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ccd7870c909875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 jquery-migrate.min.js Show response
wheregoes.com/wp-includes/js/jquery/ 13 KB
5 KB 50ms
49ms Script
application/javascript 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=202410031450

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"64e51e07-3509"
age: 143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LjNqgOrLHfIXmWqD%2BRsvubGKe5Tab%2BhSTIU9kl3xQwoLwnuyH9%2B3OxPLjNRVtd%2ByHY%2F2PpNPU5nik9EpgHBtFwQ1q0pxon%2F%2Bno75GBSuc2iOKnM%2Bie1mbPKfrtbGRBFZ"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 14:00:09 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript
last-modified: Tue, 22 Aug 2023 20:43:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ccd7870c90d875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 script.js Show response
wheregoes.com/js/ 3 KB
2 KB 44ms
43ms Script
application/javascript 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/js/script.js

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

408eae2e77f4c4fd2c59f449c7b5e49f2e65a3a40b905defe8f18b3dbf51f621

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

cdn-status: 200
content-encoding: br
cf-cache-status: HIT
age: 3516
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wr0O%2FjKjMVzU8lwyx4sGRJnPz0VZ9qQqfQHJRzsixx4hS2tqz6XR%2B2DYi1qELSm%2FPQAKx9ywfVnSKrggcRRVLou6%2FPjD8yuVpSs90jfZM4KYEAWGFYnGMzW39YOQcsGt"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
x-cache: EXPIRED
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cachedat: 10/02/2024 07:07:51
cdn-cache: HIT
cdn-requestpullcode: 200
last-modified: Wed, 02 Oct 2024 17:12:28 GMT
cache-control: public, max-age=86400, must-revalidate
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestid: 1a83af6f6a3d7a2f8135c57736f268ae
cross-origin-resource-policy: cross-origin
cdn-pullzone: 682664
cdn-proxyver: 1.04
application: 127.0.0.1
permissions-policy: interest-cohort=()
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8ccd7871fa5f875c-MIA
cdn-edgestorageid: 885
server: cloudflare
cdn-requestcountrycode: US

GET
H3 200 init-1144pc80p2fur20uadwq.js Show response
api.fouanalytics.com/api/ 329 B
774 B 185ms
133ms Script
text/javascript 172.67.170.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6acc864f534d7c5eb581cb75dc3716840903509918f6bc0b37c8f6b5e7bf09b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: BYPASS
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JhPpNKt%2FX1L5%2FBvrr0C%2Fj3k024sHrr8ypOzHWBL8HAcKRjBWoHkCwncGNKnb%2BBkHSWqsJwfinKyfNHr9XG1pe3oPYG9%2BZWqkQwEzcrgVkrNMRwvxz%2F%2FpuYNs0Z2rdVrSr4%2BWy91BnA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccd78724dd3a4c8-MIA
expires: 0
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: text/javascript
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 wp-polyfill-inert.min.js Show response
wheregoes.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 81ms
79ms Script
application/javascript 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=202410031450

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"642ddfde-1feb"
age: 143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nEMG69bnxXA5NW935nxDPwLseNG8msM817WhvOh4FHtosADeqmOs04E0n7pzr6qDBIt8MFzE7f80BsbQrUB8gD%2Fd%2BqOuuOICAILULRc25AOPcOW2xmfG7VMgYT7a9O8y"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 14:00:09 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript
last-modified: Wed, 05 Apr 2023 20:53:50 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ccd7870d90f875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 regenerator-runtime.min.js Show response
wheregoes.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 51ms
50ms Script
application/javascript 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=202410031450

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"65534e1d-19e1"
age: 143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KXKP8Lb%2FBWec6A%2Bs6k%2Btizx0RL8tQsbZxwGXHciyCSOvjO5TMI9OmlFYbOL7I%2B8abMe7MiCG9D3JVf8bNgcfvb1UESmFpkLK8a%2FnTtMBuQWH%2BZHR4J7CUnIFZ2BpOwKR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 14:00:09 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript
last-modified: Tue, 14 Nov 2023 10:38:21 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ccd7870d911875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 wp-polyfill.min.js Show response
wheregoes.com/wp-includes/js/dist/vendor/ 38 KB
14 KB 52ms
50ms Script
application/javascript 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=202410031450

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"66100040-96be"
age: 143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uxVWaYvVwcV1p8aS%2Fvh18s3ooeSgdNuEO0MQshZ6rpfWKk5sH%2BIL%2F9owJ0buqeSaCilQcs8HQcvDphfevm9nyi%2ByRuTedK5DzcfIdHVduCLBf791QhsTh2cWxOR7d%2FgM"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 14:00:09 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 13:44:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ccd7870d913875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 hooks.min.js Show response
wheregoes.com/wp-includes/js/dist/ 4 KB
2 KB 169ms
167ms Script
application/javascript 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/dist/hooks.min.js?ver=202410031450

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"66100040-10d3"
age: 143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OUh3yK4zcckdFHD%2F%2FJSTlE9wTwVlm8Jabssd%2FFF6JhZS68D8MQ877kqouUJyRN0aYMUzSsaPbWMQX1b1GNGsGT%2BgMuuEgjSS4wWE2Jo9EFFz15vvK1gCG0hRnO6yo4bz"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 14:00:09 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 13:44:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ccd7870d914875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 i18n.min.js Show response
wheregoes.com/wp-includes/js/dist/ 9 KB
4 KB 171ms
169ms Script
application/javascript 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/dist/i18n.min.js?ver=202410031450

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"66100040-23b5"
age: 143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fV3JXlHQKPyLvakTvQIya75rjEg%2FeDW2g9ysTidaTAzIRSSDoTUWcQUI%2BpDLlPk2W7hiWlqi1Yg%2BuVd4qJQpjuittKzSdXs4bsKoyxO%2FLPGzCKqGr%2BCBbfPURrVCrPT6"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 14:00:09 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 13:44:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ccd7870d916875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 index.js Show response
wheregoes.com/c/p/contact-form-7/includes/swv/js/ 11 KB
4 KB 171ms
169ms Script
application/javascript 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/p/contact-form-7/includes/swv/js/index.js?ver=202410031450

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"66a25f64-2cf9"
age: 142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KjELnzaBYiocY%2BHFjwmLyM6w%2Fnr4D3pCZCpS4zsZZOGs298neM7yV%2BmhCBb2vPfwIqnqNjKUPMNIZSZx6LLqrd7nR88CSex7PUYZ%2BhIJ%2BhRH2zuabXuEfvT84jPn8z1h"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 14:00:10 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript
last-modified: Thu, 25 Jul 2024 14:21:24 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ccd7870d917875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 index.js Show response
wheregoes.com/c/p/contact-form-7/includes/js/ 13 KB
5 KB 171ms
170ms Script
application/javascript 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/p/contact-form-7/includes/js/index.js?ver=202410031450

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

111da58b16b15c6bac6126be92d0a83c8d1dc4139b6361411a744deda5242c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"66a25f64-346f"
age: 142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8VwKEUNyc7UIjbSob2wcb9ZegxjasEthJneh5uzHRE7xRN%2Bdp5rQMGdjpsnYGfn4nQw7x3162fWY8JkaG9Q8ngL0IhGiO2fjrA1b8VGXOT4e7bHuMlfl9uNWOD1sLZQT"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 14:00:10 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript
last-modified: Thu, 25 Jul 2024 14:21:24 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ccd7870d919875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 main.js Show response
wheregoes.com/c/themes/custom-theme/src/js/ 8 KB
3 KB 171ms
170ms Script
application/javascript 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/themes/custom-theme/src/js/main.js?ver=202410031450

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f053be9c91dd84c0a3b14b168ed75173531e8175b1315beb67681a97b359abd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"62ab7e81-20a1"
age: 142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rTpYRVYGF3zxAQ6Azg7bcjozDuhv7K6uaMdBfNTebuIljnvM0m7xqNX5voX9ZuRUQfV5g4xqt2ZNTbDsB2d0eTje1NqqcZD0ss%2FKEcEbd0oA1AkgFn%2B9AKG7UQNnZrxg"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 14:00:10 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript
last-modified: Thu, 16 Jun 2022 19:03:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ccd7870d91a875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 login.js Show response
wheregoes.com/c/themes/custom-theme/src/js/ 4 KB
2 KB 50ms
49ms Script
application/javascript 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/themes/custom-theme/src/js/login.js?ver=202410031450

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adbf7613efb9d5f9385e42495ec01a5a17690551607263a0d840d08f132f9c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"62ab7e81-1189"
age: 142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HfUjNifrxHIxaGoeFCXRgsM79L%2FzUiKkEhFw0wZ1bN0RjQVCwGYOouGfATH%2Bfxt85vqxJPUQrYXedZMm35CNswrLvlWHdRtE4n25ZGqM2lBYviY%2FJKNIIsTq8MaQuINC"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 14:00:10 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript
last-modified: Thu, 16 Jun 2022 19:03:29 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ccd7870d91b875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 ads.js Show response
wheregoes.com/c/themes/custom-theme/src/js/ 2 KB
1 KB 169ms
168ms Script
application/javascript 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/themes/custom-theme/src/js/ads.js?ver=202410031450

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d6120670efc8d0e341da81feee0298095402654414f1e93fad0683da438622d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"66992986-6a4"
age: 142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FLBvNeCvk9Ii5HBZmZE2bCLsPUEGAKAN03%2FRusbYeVAS5peqEhVdLaYZ4z9iEuCc4nVB8jiPlcvvyUzhqEAnTigclCI1ePZiHHBz%2FMnMYWZ0M9xm5tJumNFq5JtdvEdf"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 14:00:10 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript
last-modified: Thu, 18 Jul 2024 14:41:10 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ccd7870d91c875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET 6c5502f1-f7f2-4edc-bb3e-286a7c616f09
https://wheregoes.com/ Frame 0
0

GET
H2 200 wheregoes.js Show response
cdn4.buysellads.net/pub/ 606 KB
171 KB 471ms
101ms Script
application/javascript 24.144.70.77
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/wheregoes.js?1727964000000
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 24.144.70.77 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: srv-sfo3-2 /
Resource Hash: f5d643584ccb013e4d568bc334409cb72380808fae41664b2214b1ae033366f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

cache-control: public, max-age=3600, stale-while-revalidate
content-encoding: gzip
etag: 4531867824eac9293110193e9c0a0660c2b4907b
date: Thu, 03 Oct 2024 14:02:33 GMT
content-type: application/javascript
vary: Accept-Encoding
server: srv-sfo3-2

GET
H3 200 logo-h-blue.svg
wheregoes.com/c/themes/custom-theme/img/ 15 KB
6 KB 41ms
41ms Image
image/svg+xml 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheregoes.com/c/themes/custom-theme/img/logo-h-blue.svg

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_be802b0078378d06db235ae7effbf46b.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_be802b0078378d06db235ae7effbf46b.css

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"667c6455-3afa"
age: 6639590
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d%2BZoC2rNbAVZ22AYPqWsZZAIxYzDh1jrxdmC6MuLd2EWSPURqLiBca3Mqtqt6wighTgosOY%2BO8dkxRs24lK%2FqQqYmmvSA7DU%2FTTmQj%2FaeAZkqONoctPkAqK7bBvo6fXk"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 18 Jul 2025 14:41:44 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: image/svg+xml
last-modified: Wed, 26 Jun 2024 18:56:21 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ccd78721acf875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 wheregoes.woff2
wheregoes.com/c/themes/custom-theme/fonts/ 8 KB
8 KB 43ms
42ms Font
font/woff2 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wheregoes.com/c/themes/custom-theme/fonts/wheregoes.woff2?90359859
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_be802b0078378d06db235ae7effbf46b.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://wheregoes.com
Referer: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_be802b0078378d06db235ae7effbf46b.css

Response headers

cf-cache-status: HIT
etag: "60cceb75-1f58"
age: 6639590
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZnVlXJLFf9d0w8qizwTuzh5z%2B%2BG07k%2BKxBM1y3w%2FgTJuccYTxVWYDnbKZTyxrD%2F3aW3HmmDJGCLo9wflni6aP0Uu3vM24yZHYRoG1TnHdMuybPLHc2jBObdQ3bliVk3m"}],"group":"cf-nel","max_age":604800}
expires: Fri, 18 Jul 2025 14:41:44 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: font/woff2
last-modified: Fri, 18 Jun 2021 18:52:37 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ccd78724af7875c-MIA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8024
server: cloudflare

POST
H3 202 event Show response
wheregoes.com/api/ 2 B
763 B 187ms
185ms XHR
text/plain 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/api/event

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/js/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://wheregoes.com/trace/20245505640/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-request-id: F_r2Pek8fdI1ZZgXnCWC
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFHsq5HOHbIyFsynGeDpnLuEJbpBFabsxZUGCkqsj9zVEZ3iaCx1IcLEBdBNViDLq12U2pNyWoZVLsM9BU9Hbk7elgSNCOhNXyF2JuEjMhe1%2FwR3qQLIv%2FV5dfbuVGA1"}],"group":"cf-nel","max_age":604800}
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: text/plain; charset=utf-8
cdn-cachedat: 10/03/2024 14:02:32
cdn-requestpullcode: 202
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: must-revalidate, max-age=0, private
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cdn-requestid: a0f68acdca25cba72a245c7cd796b232
access-control-allow-credentials: true
cdn-pullzone: 682664
cdn-proxyver: 1.04
application: 127.0.0.1
permissions-policy: interest-cohort=()
x-plausible-dropped: 1
access-control-allow-origin: *
content-length: 2
cdn-edgestorageid: 885
cf-ray: 8ccd78728b2b875c-MIA
server: cloudflare
cdn-requestcountrycode: US

GET
H3

200

main.js Show response
wheregoes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/ Frame 2EAA
Redirect Chain

https://wheregoes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://wheregoes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

8 KB
4 KB

39ms
38ms

Script
application/javascript

172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2a7aded29cde87ef58032dc2d98153485444384285df55f0e3b5aab72df5e5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YxLXsmhUUeC%2B1PQjhyL%2BTSujOsgikRqwrf9b5xsj2SXai0kOhIXVN2rfUGqvAJQZQTzol7HsD6wVP8L1e%2Bxuc7%2BftC709LP3rv3z8Q02M20ymkkMAgDEoh%2Fk9S1uwSe9"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8ccd7872cb7f875c-MIA
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/ec4b873d446c/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XhboerGYY0QgthXQpi7UkzdHWFEXYUf15Du3sxcKHg8%2BsH44OEbbXw5JZzF0fli6UQSFGnEgJ603vNlb9suL%2BcC%2Fr64ApH4HRwUFTNzpZyKGecVPvxPymPxLwV0hTGsq"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccd78728b2d875c-MIA
access-control-allow-origin: *
content-length: 0
date: Thu, 03 Oct 2024 14:02:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 wp-emoji-release.min.js Show response
wheregoes.com/wp-includes/js/ 18 KB
5 KB 42ms
42ms Script
application/javascript 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/wp-emoji-release.min.js?ver=202410031450

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"66100040-4926"
age: 142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wITBBGPuv4Idt2lSTFKVvONRCuEdOnkitRtIEXBY1ZHI3wKRhIZ9wKfwMnCL%2B9FZ8ptwaIl4Ce202dvstAqPmjUh0UmulgUcocXqGRul%2BHjob31X%2BMmsDpvCItJyFTlR"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 14:00:10 GMT
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 13:44:32 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8ccd7872ab4e875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H2 200 1f36a.svg
s.w.org/images/core/emoji/15.0.3/svg/ 2 KB
1 KB 111ms
30ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/15.0.3/svg/1f36a.svg

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

88724da3173eaf855fc8b8094480d1d923f69c420107501da8d40b503163bcf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=315360000
content-encoding: br
x-nc: HIT mia 2
access-control-allow-methods: GET, HEAD
x-content-type-options: nosniff
expires: Thu, 31 Dec 2037 23:55:55 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: image/svg+xml
last-modified: Tue, 30 Jan 2024 01:21:10 GMT
server: nginx
x-frame-options: SAMEORIGIN

POST
H3 200 8ccd786f7bf83714 Show response
wheregoes.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 2EAA 0
892 B 49ms
41ms XHR
text/plain 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wheregoes.com/cdn-cgi/challenge-platform/h/g/jsd/r/8ccd786f7bf83714
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

cf-ray: 8ccd7873cc8e875c-MIA
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 0
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: text/plain; charset=UTF-8
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DADFTC%2BUDa0SZUdiozVM6WLfWuuWO3BJ45X%2BByV9JYsz3%2F3E1XSxcTD0THMf5cEr31brVakhVe24sLxgsNlrD66NKaxpC0BAMrXMIysPlzagSqZ460jBOpyQRtqU%2BOBe"}],"group":"cf-nel","max_age":604800}

GET
H3 200 x.js Show response
api.fouanalytics.com/s/ 16 KB
7 KB 41ms
41ms Script
text/javascript 172.67.170.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/x.js
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59ac8678755cff8def1e74a605baf8af0bc3af555812c1295b81cf223f26d5d8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

cache-control: max-age=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: HIT
etag: W/"66fc3754-41cb"
age: 35808
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9tVAtYDelAhJgWItuQPmrQBJ0GwM5dyML6HopE1wOKj9JSYtJwQHWXtbk2ainZKAslbKeWkgX1AEsZ2Ijq6idhQ%2FKUV84SVwSM2ucGnQUufZZtt0n0vQyC2Qwe04NN1S%2FgMpuyL0Wg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ccd7873c805a4c8-MIA
date: Thu, 03 Oct 2024 14:02:32 GMT
content-type: text/javascript
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

POST
H3 200 x
api.fouanalytics.com/api/ 0
444 B 150ms
148ms Ping
text/plain 172.67.170.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/x.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.170.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://wheregoes.com/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=paBr1Tj7UxgaBbtf%2FTr%2BryeHCYtiy6LZy0r5XDnUx6FdJVxwbJsTknPwHSAujqQwMll1QxCOky3n%2F8eEptWxT76XTS2WSBkiUUV2jUZ80tp80aqJku5Dz0ZV0Jq0ApPYrGweHY2A2A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: *
cf-ray: 8ccd7875aad2a4c8-MIA
expires: 0
access-control-allow-origin: *
date: Thu, 03 Oct 2024 14:02:33 GMT
server: cloudflare
priority: u=4,i

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 104 KB
32 KB 214ms
114ms Script
text/javascript 209.85.201.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1727964000000

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f154.1e100.net

Software

cafe /

Resource Hash

8770938cd57c83b5f60c76410479ce4389d4ae6d3d572731d84770920686aa5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

content-encoding: br
etag: 515 / 19999 / 31087720 / config-hash: 985063253086454253
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 14:02:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 03 Oct 2024 14:02:33 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 32635
x-xss-protection: 0
server: cafe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/ 483 KB
150 KB 52ms
51ms Script
text/javascript 209.85.201.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f154.1e100.net

Software

cafe /

Resource Hash

da6d5b33072b3e71a0463d605994e9869dee78d7681d5e68cd0632d047dcb02f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

content-encoding: br
etag: 15766963829252202751
age: 12699
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 10:30:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 03 Oct 2024 10:30:54 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 153223
x-xss-protection: 0
server: cafe

GET
H2 200 CEAIT5QE.json Show response
srv.buysellads.com/ads/ 1 KB
650 B 182ms
60ms Fetch
application/json 159.203.151.34
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CEAIT5QE.json?forcebanner=556284&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1727964000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.151.34 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: srv-nyc3-2 /
Resource Hash: 7643aa5b3e4a92aefc8d4dc72e44ecb2e2008f230f75a8c270bd8cef11a7fd2d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

content-encoding: br
access-control-allow-origin: *
content-length: 522
date: Thu, 03 Oct 2024 14:02:34 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: srv-nyc3-2
access-control-allow-headers: *

POST
H2 200 adreq Show response
ads.servenobid.com/ 946 B
786 B 231ms
60ms Fetch
application/json 34.199.105.107
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=10031
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1727964000000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.105.107 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-105-107.compute-1.amazonaws.com
Software: /
Resource Hash: 20d9d9d8c0ccf289c52d813f5800b780de361234455b5a7c66f3572352dbaf96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://wheregoes.com/

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding: gzip
access-control-allow-credentials: true
amp-access-control-allow-source-origin: *
access-control-allow-origin: https://wheregoes.com
date: Thu, 03 Oct 2024 14:02:34 GMT
content-type: application/json
vary: accept-encoding

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 590 B
676 B 262ms
117ms Fetch
application/json 34.233.187.24
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.45.0
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1727964000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.233.187.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-233-187-24.compute-1.amazonaws.com
Software: /
Resource Hash: a031f3d0c108a8d451de26eac863e96231ff8ac7fcc8e9b6efcabb7988530efc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://wheregoes.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: https://wheregoes.com
content-length: 323
date: Thu, 03 Oct 2024 14:02:34 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 433 B
782 B 264ms
137ms Fetch
application/json 2602:803:c002:200::32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=2&alt_size_ids=55&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20245505640%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20245505640%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&tk_flint=pbjs_lite_v8.45.0&l_pb_bid_id=17528ac19a0ec3f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&m_ch_mobile=%3F0&slots=1&rand=0.28775919071316514
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1727964000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 51fba63e7765d23c9bec231fa34c7eb5b294133cd14ef85425e80e372066803c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://wheregoes.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://wheregoes.com
content-length: 433
date: Thu, 03 Oct 2024 14:02:34 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 411 B
932 B 262ms
135ms Fetch
application/json 2602:803:c002:200::32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20245505640%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20245505640%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&tk_flint=pbjs_lite_v8.45.0&l_pb_bid_id=189e499c651f97c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&m_ch_mobile=%3F0&slots=1&rand=0.9007576720141335
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1727964000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6aaaff486ec17c4ee693e4e1c7a297c6269cb3f180300438b52b110bf9d8b23e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://wheregoes.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://wheregoes.com
content-length: 411
date: Thu, 03 Oct 2024 14:02:34 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 443 B
792 B 277ms
150ms Fetch
application/json 2602:803:c002:200::32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&alt_size_ids=2%2C16&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20245505640%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20245505640%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Leaderboard_InContent_BTF_ROS%23bsa-zone_1641318314037-7_123456&tk_flint=pbjs_lite_v8.45.0&l_pb_bid_id=19f93dcc6bfdefa&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Leaderboard_InContent_BTF_ROS%23bsa-zone_1641318314037-7_123456&m_ch_mobile=%3F0&slots=1&rand=0.21701078594358636
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1727964000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 31c8eeb3464c533a70d346a9b44dc87d88445a15c54429f570096f4a09b05231

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://wheregoes.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://wheregoes.com
content-length: 443
date: Thu, 03 Oct 2024 14:02:34 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 442 B
791 B 291ms
165ms Fetch
application/json 2602:803:c002:200::32
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20245505640%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20245505640%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&tk_flint=pbjs_lite_v8.45.0&l_pb_bid_id=202db8c495994e3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&m_ch_mobile=%3F0&slots=1&rand=0.6401056016859095
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1727964000000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5d3bf89c1a0b1cf9edc7a4816c059aeef172d84679b17f3feaf42fd713cc6f89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://wheregoes.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://wheregoes.com
content-length: 442
date: Thu, 03 Oct 2024 14:02:34 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
218 B 252ms
71ms Fetch 51.222.39.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1727964000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.222.39.185 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip185.ip-51-222-39.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://wheregoes.com/

Response headers

strict-transport-security: max-age=15552000
access-control-allow-origin: https://wheregoes.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 15
date: Thu, 03 Oct 2024 14:02:34 GMT
x-server: failover
access-control-allow-credentials: true

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 2 KB
920 B 399ms
176ms Fetch
application/json 195.244.31.10
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20245505640%2F&PageUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20245505640%2F&PageReferrer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20245505640%2F

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1727964000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

Software

ayl-lb-usa02 /

Resource Hash

393e0efbdef28326483834ce1614cff371508a008233dcfba88b3ab03d96918e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://wheregoes.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: OPTIONS, POST
x-content-type-options: nosniff
expires: 0
p3p: CP="CAO PSA OUR"
date: Thu, 03 Oct 2024 14:02:33 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
x-envoy-upstream-service-time: 113
access-control-allow-credentials: true
access-control-allow-origin: https://wheregoes.com
content-length: 460
server: ayl-lb-usa02

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 478 B
2 KB 353ms
193ms Fetch
application/json 68.67.160.117
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1727964000000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.160.117 Colonia, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

45583a2bf7c2a040037798ee3a75f4886fd2204bef6fb33628bdb1fff573033b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://wheregoes.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.72; 38.132.118.72; 676.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://wheregoes.com
an-x-request-uuid: e24ee7d2-302a-4fa5-91fb-74fcabe8c295
content-length: 478
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 03 Oct 2024 14:02:34 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 2 KB
1 KB 668ms
578ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1727964000000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 0f898d09bc2d4173d82ea08849a422be6446ef3ee8c7c818fb416711606f966e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://wheregoes.com/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time: 530
access-control-allow-credentials: true
via: 1.1 google
expires: Thu, 03 Oct 2024 14:02:34 GMT
access-control-allow-origin: https://wheregoes.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 14:02:34 GMT
content-type: application/json;charset=utf-8
server: envoy

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
493 B 337ms
216ms Fetch 2620:100:a00b::30
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.45.0&cb=70581735711&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1727964000000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a00b::30 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://wheregoes.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://wheregoes.com
date: Thu, 03 Oct 2024 14:02:33 GMT
vary: Origin
server: Kestrel

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 9285 0
0 147ms
50ms Document
text/html 209.85.201.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f157.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 865
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29417
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 13:48:09 GMT
expires: Thu, 03 Oct 2024 14:38:09 GMT
last-modified: Mon, 30 Sep 2024 19:42:40 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 favicon.svg
wheregoes.com/c/themes/custom-theme/img/ 1 KB
1 KB 50ms
50ms Other
image/svg+xml 172.67.183.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/themes/custom-theme/img/favicon.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a218f71ca19363f32708623720794ed5c4eb6fabf5a2944ea6f44f99a782def6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/trace/20245505640/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"667c6455-43d"
age: 6639591
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V7PokUw0r4C3QP659BMujKofzMTEzcgkMCvHc30sberTwQ38%2FRy6g%2FYsFkqo1wpKmV0pA0Cg%2FsPPcsA6UKnnXAuzRQFns1%2FrfS5KlFONCNKtw9if7n%2Bt%2B%2Fc4eyVwGQ%2B6"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 18 Jul 2025 14:41:41 GMT
date: Thu, 03 Oct 2024 14:02:34 GMT
content-type: image/svg+xml
last-modified: Wed, 26 Jun 2024 18:56:21 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ccd787b6dc8875c-MIA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 233ms
120ms XHR
application/json 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202410020101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

3e5f29213d9f1c9b6e3b05e36c9c548823acada55efe95a02f40bed1388924d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 12926
date: Thu, 03 Oct 2024 14:02:34 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 202 KB
35 KB 170ms
169ms Fetch
text/plain 209.85.201.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4076956445767041&correlator=2594963047000133&eid=31079957%2C31087548%2C31087720&output=ldjh&gdfp_req=1&vrg=202410020101&ptt=17&impl=fifs&iu_parts=8691100%2CWheregoes_S2S_Leaderboard_ATF_ROS%2CWheregoes_S2S_Sidebar_ROS_Pos1%2CWheregoes_S2S_Leaderboard_InContent_BTF_ROS%2CWheregoes_S2S_Sticky_Sidebar_ROS_Pos2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x90%2C300x250%2C320x50%7C728x90%7C300x250%7C336x280%2C300x250%7C120x600%7C160x600%7C300x600&fluid=0%2C0%2Cheight%2C0&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1727964154627&lmt=1727964154&adxs=436%2C1091%2C276%2C1091&adys=440%2C666%2C1163%2C1070&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20245505640%2F&vis=1&psz=960x267%7C300x952%7C862x1020%7C300x952&msz=960x90%7C300x250%7C862x250%7C300x600&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&td=1&egid=41282&tan=e255e779-7d3e-4da7-96b6-a0ab4d0c933f%2Ce255e779-7d3e-4da7-96b6-a0ab4d0c9340%2Ce255e779-7d3e-4da7-96b6-a0ab4d0c9341%2Ce255e779-7d3e-4da7-96b6-a0ab4d0c9342&tdf=2&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1727964152432&idt=1424&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1641228026595-4_123456%26optimize_imp_id%3D1727964154604-28529b10%26optimize_inview%3Dtrue%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1641228120494-5_123456%26optimize_imp_id%3D1727964154605-36ad3b06%26optimize_inview%3Dtrue%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1641318314037-7_123456%26optimize_imp_id%3D1727964154605-5483bc48%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1641318529900-6_123456%26optimize_imp_id%3D1727964154605-4c5be115%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dwheregoes%26optimize_xp%3Da%26optimize_refreshed%3Dfalse%26optimize_pathname%3D%252Ftrace%252F20245505640%252F%26optimize_pv_id%3D1727964154603-2e7260f9&adks=1696759606%2C2861055222%2C3878002045%2C3809685794&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f154.1e100.net

Software

cafe /

Resource Hash

43bbec57dd944178ca2c80b959148416ab05fe596615f6ca91c3e02c3544b081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

content-encoding: br
google-lineitem-id: 5320060794,5320060794,5324395187,5324395187
x-content-type-options: nosniff
google-mediationtag-id: -2
google-mediationgroup-id: -2,-2,-2,-2
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Thu, 03 Oct 2024 14:02:34 GMT
content-type: text/plain; charset=UTF-8
google-creative-id: 138305491763,138305848162,138305885717,138305874978
cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://wheregoes.com
content-length: 35777
x-xss-protection: 0
server: cafe

GET
H2 200 container.html
835030bb7885892d2acca5e4ff5b4b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D8F7 0
0 222ms
58ms Document
text/html 2607:f8b0:400d:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://835030bb7885892d2acca5e4ff5b4b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 14:02:34 GMT
expires: Thu, 03 Oct 2024 14:02:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
835030bb7885892d2acca5e4ff5b4b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BD1A 0
0 34ms
33ms Document
text/html 2607:f8b0:400d:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://835030bb7885892d2acca5e4ff5b4b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 14:02:34 GMT
expires: Thu, 03 Oct 2024 14:02:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html
835030bb7885892d2acca5e4ff5b4b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C07E 0
0 9ms
9ms Document
text/html 2607:f8b0:400d:c07::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://835030bb7885892d2acca5e4ff5b4b4a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 14:02:34 GMT
expires: Thu, 03 Oct 2024 14:02:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 994D 0
0 161ms
160ms Fetch
image/gif 209.85.201.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjAxTNcOXfNHaZzk09cEtlzh-5GlGAwlLoLHI_Ou6_JCSMzh776d3tBeam5BMeFT9XHEi1G04B_ZZAuhexJlttO1kYAT9j0tSmcsq1_7iotXF8Bof462Uq6k_7SPnWgmxhkiL0r_-4vQd88Ab9wfnmRaH166mxF87hdrKe9NYLI6jozvJNRGizyA4FrXT7nW2XhnLf810I8qE13tnDQmJIvQ-P0bXTBgePQkdjw8FcXCY49hpoLlVB7vWJly4K3IghvHTC3R2xX3CI1i7p49L3JqnenwNlqwSrYVmV9LzvWNZp85EHq6ZZ1D5QQ0JsmrCxGUs-PHUToz-_WjYXj8qKfsFND5q1CpuRIU1irMMz8WH5zRt2ECAw2v-6gROWNl9ZO1FKO8B7glOVLpxZGIX-owuCzVpC_aJj2nPQrQ&sai=AMfl-YQebO3SXSIB94lia8o7YtB8qrVauSxiNykgNK7vlIxXrDqRKFlIucRBKhXPemUrZs8SiYVOiWsnmVzz-j_doUVeQq6CigszzUjSTSGPsNJ0JRLRzQGtXKNVsSNaRLJfpOnzc3pUMauFZlg-0hvvKg&sig=Cg0ArKJSzAQqI6gHl25pEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 14:02:34 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 03 Oct 2024 14:02:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241001/r20110914/ Frame 994D 23 KB
9 KB 181ms
58ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241001/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba5f8d3b5cd5d1a9d01d0f07c1bf82b4f422d963ab1a406e2deca0074cf5f32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

content-encoding: br
etag: 1262224488297882673
age: 82797
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 15:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 02 Oct 2024 15:02:38 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9310
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241001/r20110914/client/ Frame 994D 3 KB
1 KB 350ms
228ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241001/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

content-encoding: br
etag: 16544991220582087243
age: 82801
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 15:02:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 02 Oct 2024 15:02:34 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1229
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 994D 206 KB
64 KB 162ms
56ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

content-encoding: br
etag: 7550679465687725357
age: 148
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 15:00:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 03 Oct 2024 14:00:07 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65390
x-xss-protection: 0
server: cafe

GET
H2 200 9435140927320421974
tpc.googlesyndication.com/simgad/ Frame 994D 92 KB
92 KB 270ms
148ms Image
image/jpeg 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9435140927320421974

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de8279221cec92147e41e962754da2e9667fe862dc94f192566fa7bec3d11f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

age: 63879
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Thu, 02 Oct 2025 20:17:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Wed, 02 Oct 2024 20:17:56 GMT
last-modified: Tue, 10 Mar 2020 20:30:38 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 93765
x-xss-protection: 0
server: sffe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B944 0
0 147ms
144ms Fetch
image/gif 209.85.201.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuaHpA1CFDeUqWyTxMgQlcgHT1XVLOkwS0xfGSgp_FfxLwNE3sJCWySmdrR_3DF7-QrJHZe4CBGGBjVNsz9mB4UQPl8uPkvGICgTBhwEbxDu0cubkEox5Uj4miEaXabTaOkVACiFxqGYko7gHBym9UlS8xmSPyPFh8Ru1Rq5fGP_CoKLGodyibkzkvx9FuqSl2rm09UKE75D86dbv0UDr5dZLtWuq9MWW7mFsieRyuDvTvVLOBBpJ0lXuQxGtl4zvb9-472PV04gkaV9JEYMeRwv_A6PAlwnxgBBAQQow-W0e1hIU6G-kXap2OtD0dnLlw_CWWS17H19TAUhL-qz-ubRCgpROKcdzeTGAaDlwJkjHOJyPRvDbYLqTY7DBqCyEUZvHjAUC0Mfndiz2Xysz5WMWwq8OWdZA&sai=AMfl-YSdzNTfgLjYx2jGFQxiKINaheUbcHyUwxzuhstaC1DyoKH209uu8cVKr1TLVlOXYZimkzHZ-3RshopxemTjpe6tWWjHzy8w634bYeTdaLgrWA5S8jZrX0wUF1vNnHyZ8NY7EaC2P4wvfF-gKfALTQ&sig=Cg0ArKJSzKkjf5hdk8emEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20245505640/

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 14:02:34 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 03 Oct 2024 14:02:34 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241001/r20110914/ Frame B944 23 KB
0 168ms
168ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241001/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba5f8d3b5cd5d1a9d01d0f07c1bf82b4f422d963ab1a406e2deca0074cf5f32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

content-encoding: br
etag: 1262224488297882673
age: 82797
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 15:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 02 Oct 2024 15:02:38 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 9310
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20241001/r20110914/client/ Frame B944 3 KB
0 340ms
340ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20241001/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

content-encoding: br
etag: 16544991220582087243
age: 82801
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 15:02:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 02 Oct 2024 15:02:34 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 1229
x-xss-protection: 0
server: cafe

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B944 206 KB
0 151ms
151ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

content-encoding: br
etag: 7550679465687725357
age: 148
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 15:00:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 03 Oct 2024 14:00:07 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 65390
x-xss-protection: 0
server: cafe

GET
H2 200 8501118484541795674
tpc.googlesyndication.com/simgad/ Frame B944 88 KB
88 KB 335ms
227ms Image
image/jpeg 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8501118484541795674

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4987ec68837273fe612c09892841f5011f57d542e12b1567db12e18e5e214ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options: nosniff
expires: Fri, 03 Oct 2025 14:02:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons: true
date: Thu, 03 Oct 2024 14:02:35 GMT
content-type: image/jpeg
last-modified: Tue, 10 Mar 2020 20:31:43 GMT
cache-control: public, max-age=31536000
timing-allow-origin: *
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
content-length: 90087
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ Frame 994D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02987ddf51257e520990dd6d02e0a1a0f388a37495c565e1e2e584956d4e531a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B944 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c56d990d0212a97572de3fb2bc4b6c4bb01e2c9fe825479f749c51cdfdf5e3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 18 KB
7 KB 264ms
263ms Script
text/javascript 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 14:02:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 14:02:35 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 112ms
111ms Fetch
text/html 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410020101/pubads_impl.js?cb=31087720
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bi-in-f155.1e100.net
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://wheregoes.com/

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 994D 0
0 266ms
163ms Fetch
image/gif 209.85.201.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1bxmTCTlcBQ0-TYQ_a4rFrLWEhRkjY8iCHgXvnNZjWzczcUUKmpAP0Z1a8m_iUWHjyFhXsawrhe13bqosj3pvZ9DiEEJiEi1kB8nDh4vJv6ce_hV2HWT8XMIJCmw3nRpVymH2lms0L-5xRgGP_Ox6Qa527k7Qf_4IoAprh55JYP78xlktzcTdCG_TinmE5B4CHHMWCX5pjBgHBYjIq8FaOWTwmu3DFFI0hOIv-cNb4uOKBG8uKzU-eThSnapB2tDNJnhqdcXt-4gGR4nMyddQ6fqIIwKArHC7lq5-tB0pLfOXmG-epdyNpIasAvLONezwrLW6uFQJ0ULx83x_z5JMdBEEfTEz5kNBhswu1AlMEa-yGZMiavwSS-nOSXb6YgjDHQkbHrsPRH8ecdYA3j9bwJIiJzsvPs-Een6Qwal8&sai=AMfl-YSOYG8ZTfqRkOw2GXxfZBvsAq2gibwQZm4y3pn_uyWgXjdgb_6laE9uTwIuE3fwh6kiF6OmImQvzF344T8IgXM59aQVdB18k-iTSjLGafVyXV7i9P0GHpOfMkF2Y2T80gHqL_1hiInO5aEdD013Bw&sig=Cg0ArKJSzIhyktV5TGGDEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 14:02:35 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 03 Oct 2024 14:02:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B944 0
0 177ms
107ms Fetch
image/gif 209.85.201.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKcPglVW_eFvffJkAFSFY1e-_uYNH1eSJHzvxIyh1k1xMXrQVOwDxinjRN1tERpzATg81V5rG5UHiSS1KkwJ19powO0dtEYp-Sv0fXCUX702e39s2nDBa2qJvGUXSSRXO94Qkdo0aphIsshJMl6MBT9WOKy80Z8m9PGYpkSj4-UVb1DcmQG0gHs-HQUiBPCzcSNpZKIll7lpdhGGs-reHKbTSMayTgKCEOVrtGu_r1PyRxD471DrJB9-Op-WGzX1dP0torb1zJw6nqaAHO8RFSvWp3uAs-f6C_Cd0aS4UBNdluPPNSB7xTwOjxLBW_oj8QxX8zwQEJb7MT6aqg81v403xwQ_LHoLvjnbZsJ6CFJfI1BVRFcxmv3tK4abMQmGnFgiboaHPkq6HzmWQo4JidHdl5FG1p8r1e&sai=AMfl-YSik-31MYVAGPuATjHAPVxU_wdrwVc4M6GKoHfS-Z2eG_efRWHw9PdgAupzssDpl4jhDbvbA3WixOcPDSZG98zPt1Y-JTgsy2vYdqKsDXc33Ke3lrfvtqEXCmJVdvE9tCIhKydjCD-K8ki6YQ_dgA&sig=Cg0ArKJSzJEBFpDDtXGiEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.201.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qu-in-f154.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

cache-control: private
timing-allow-origin: *
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 03 Oct 2024 14:02:35 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Thu, 03 Oct 2024 14:02:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 994D 0
0 120ms
119ms Fetch
image/gif 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 03 Oct 2024 14:02:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B944 0
0 230ms
113ms Fetch
image/gif 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://wheregoes.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Thu, 03 Oct 2024 14:02:35 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/232/ Frame 7FBE 0
0 113ms
112ms Document
text/html 2607:f8b0:400d:c0d::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/232/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0d::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 127411
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 02 Oct 2024 02:39:04 GMT
expires: Thu, 02 Oct 2025 02:39:04 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 1A63 0
0 161ms
60ms Document
text/html 209.85.232.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

209.85.232.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

qt-in-f99.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-S-6SylxkhbMRkSD888nMXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-S-6SylxkhbMRkSD888nMXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Oct 2024 14:02:35 GMT
expires: Thu, 03 Oct 2024 14:02:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET publishertag.prebid.144.js
static.criteo.net/js/ld/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wheregoes.com
URL: blob:https://wheregoes.com/6c5502f1-f7f2-4edc-bb3e-286a7c616f09

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202410020101&jk=4076956445767041&bg=!PzylPHPNAAax3igvkd47ADQBe5WfOMTOJr5Cf3WD_G4gmiZqNWxb8NYkN3QSJgomwlNhQYM2STyklMgYzz3Rivx9daNhAgAAAG9SAAAABGgBB34ANqPTGnvYQfhajMRzveRVfSAcBR37DLVvSZ5R2LjGk4N48W0DSWUE7DCdfWjpRnouSEofVXypdQoAq3650E5ZqTgdx_uXRR4f3_dhx2r6Rrv4ZcSm2E9PhvYrJxjaNB5DusNjDxCf3kWaDKwb7hR2kqw5s7lKx2lI37XY9Pm2cyAcO7wg-U4Sv21FKT-XDEzxOFBWF7aKC1yWvXgbKEDJaA0NmTgXEGR6IxEqBEnze_0LIPuTDXBlg3OvI0a2FhZtdN65XSO3U05K-NoL8nMMtSMCF-0drR8K798-c09_V_J-Qc6aMJkCom6t7988aOB1CZgYp5XeQ5xummND5kD8D0c-J-B9oH3bZ_XcnbOlwY5jfiBrbT8ou43I9i3wHswjdoZ41xKLsXxIFKeTEJjSswYIb175gJtFgQoubZhq-up5br3FyVhMdUfUVGisCoCdU9fMqAqCipt2bc5kYHP1C841ijszUXzsfSFITraoh8vapJ5hYKLAWmdILY9OrO5XkNUHEzOdoQMCJxcBipc51EBLkh4EVQ0j8F-EGnjD9Q5l1SUr84zWGd4obdAySfJ6GQu7fESK6uFIU_LXtXCBaUBx8-LbAQbGyP2WnufQiWvfUKWgyFiZxxa3HmeRFzNL-yj-PV5h0lAg2QYE9AV0OYc2MfCxHUB8VVHBGkq15_AVqRnODECX27BEziYw6Q-5oW3b9kNv-FCzGVyHi98XKJsjhHgHqrkkIGYhby2YZ0vXk-HJVmetuS4-9P95_1Go6GvW90UrAzsKReQ9TZ_BqJEPU_C_N9XUznWJhNYII34NHCiw4O-38UQjwbvfzgcHhjkFzrK3ADQEdjgMKNqRHWlQNmZ-nEQwwwPU-nXvkBCn050ArdXmEqOAGQsoLhsgFf23A0oU5H1hKzqz_c-7_V-sBZKT8e47otHjYSNxxg98ztLy35D6yF1otGd66i1LpfbMAN5VOYUcCoRt1QYbJYx_Q1QoIRQ8NwsaduUtP3XGAJ_FCfWslO396UG0FhT7V5m0aza5GfxZm6xF1cbJ0xTRmn4oFWbZNZKiMN1e437Ip8BcZCo1drEhokgn-slmEtmLQ5sZP_zHOy33bvsPQCMkFYwhw5fuQWVHEeHKJi98xhZS9_FZLzl7XBwGLy3aKXdoCrN0-m9j23wYBPA9J4wSscx5_nxAh2hNwYQ4RVR7dOhaHrI6P_ds

Domain: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.wheregoes.com/	1970-01-21 08:45:00	Name: cf_clearance Value: SA5.M3o7A_JiakqoHgB0YFbnOMnmVKJ_ZbMxl6gs6aM-1727964152-1.2.1.1-iSXjsSfuQ76OPJGa1E_WDIopy97N5SejYec4AqXkP017Zp53B4Zr_vCQmiYmfG5iBZNAziiHXgbErhd4CtKXF2PtMuxkyP9W8jUmd543k3Sy.IEDcVs.ISXvUIWeXe8PaWQzqxrYL1LPtQll1CrmloNNwM37sxKqmheHPKOFXPqxT69rh6_QK8y11pxqnZAmm54vPeLE0Uwe3H3UR1KReyGlWOGSwwkw4p2iWloqekqjticmP.KHt_E.GrvtcgAU1yIfcQxODuiTcAcstEz5g2DGjImst22RBBCJVJmGieEwkoozLljmSnffTz9X1lANOtUOHtAVBPOanwniyeRKHnIegst9_3QAcedYX.K6ggwoR8FakxUqyGj1qbl8ZlhC
.lijit.com/	1970-01-21 08:45:00	Name: ljt_reader Value: Jb1qABZH9r3_sTLpRzu6WwXl
.rubiconproject.com/	1970-01-21 08:45:00	Name: khaos Value: M1TD8QGA-18-JAQR
.rubiconproject.com/	1970-01-21 08:45:00	Name: audit Value: 1\|tcR/wBEzWcLKUp4U0UJ1daS5Bv7H1ouoxdnNVF8ci150L5HFnskGyWZvPPdygrhduVM0bP5nQ80zgHlbzd1OQIn0kEOGVL/NzxTqj0kKQGgijy0RC4Zd8SKPLRELhl3xG7JtXJVTTK0=
.criteo.com/	1970-01-21 09:21:00	Name: cto_bundle Value: 5kDXzV8lMkI2NURvZSUyRkclMkJ6cDBXd1FVTHlZemh3cG9IZHlqN0I3MTJaaWxra3dQY2p1T3hhQ2RtS0R4Y0loWHVxSTJmejlCYUhXYWpsdVhSVWhzZCUyQlY1empwRGtxRmZ0Q2F1ZFpJYTljMHcybml6N1F3JTNE
.adnxs.com/	1970-01-21 02:09:00	Name: XANDR_PANID Value: mMyyNKeIxhivX0gQACj8PwVMp6LJe1P1qZOCH5cgbUBdErka6Kv0tLm3fxyPOHMicSW0QrL14rJbk51dM8QacTWX0HLqQEE-bOHnr6mBCWo.
.adnxs.com/	1970-01-21 02:09:00	Name: icu Value: ChgIvahBEAoYASABKAEw-sf6twY4AUABSAEQ-sf6twYYAA..
.adnxs.com/	1970-01-21 09:35:24	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 02:09:00	Name: uuid2 Value: 7430638300242656426
.omnitagjs.com/	1970-01-21 00:42:36	Name: ayl_visitor Value: 3ad75554400c135eeff69ba9fda1c311
prebid.media.net/	1970-01-21 04:18:36	Name: receive-cookie-deprecation Value: 1
.wheregoes.com/	1970-01-21 09:21:00	Name: __gads Value: ID=c8880e6ffa90a2fa:T=1727964154:RT=1727964154:S=ALNI_MbwHqq-m9DMyBPZ4iY54uR_vUSLDQ
.wheregoes.com/	1970-01-21 09:21:00	Name: __gpi Value: UID=00000f231053d5c2:T=1727964154:RT=1727964154:S=ALNI_MZ4j-XEXXzzz2IScarD1Q56cm0V2A
.wheregoes.com/	1970-01-21 04:18:36	Name: __eoi Value: ID=df52c3c2bbb3cfcb:T=1727964154:RT=1727964154:S=AA-AfjZw1f9YNWj_vCKq1b9nFYlF
.doubleclick.net/	1970-01-21 09:35:24	Name: IDE Value: AHWqTUlvTt-al4jwnoLuTPKBXfR1cXVVgVsU02_4LKk-wYA_YbiItlkmejvK0NT-42k

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

835030bb7885892d2acca5e4ff5b4b4a.safeframe.googlesyndication.com
ads.servenobid.com
ap.lijit.com
api.fouanalytics.com
bidder.criteo.com
cdn4.buysellads.net
fastlane.rubiconproject.com
hb-api.omnitagjs.com
ib.adnxs.com
onetag-sys.com
pagead2.googlesyndication.com
prebid.media.net
s.w.org
securepubads.g.doubleclick.net
srv.buysellads.com
static.criteo.net
tpc.googlesyndication.com
wheregoes.com
www.google.com
pagead2.googlesyndication.com
static.criteo.net
wheregoes.com
159.203.151.34
172.253.63.155
172.67.170.60
172.67.183.14
192.0.77.48
195.244.31.10
209.85.201.154
209.85.201.157
209.85.232.99
24.144.70.77
2602:803:c002:200::32
2606:4700:3034::6815:240d
2607:f8b0:400d:c07::84
2607:f8b0:400d:c0d::84
2620:100:a00b::30
34.120.63.153
34.199.105.107
34.233.187.24
51.222.39.185
68.67.160.117
0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b
02987ddf51257e520990dd6d02e0a1a0f388a37495c565e1e2e584956d4e531a
0f898d09bc2d4173d82ea08849a422be6446ef3ee8c7c818fb416711606f966e
111da58b16b15c6bac6126be92d0a83c8d1dc4139b6361411a744deda5242c66
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
20d9d9d8c0ccf289c52d813f5800b780de361234455b5a7c66f3572352dbaf96
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
31c8eeb3464c533a70d346a9b44dc87d88445a15c54429f570096f4a09b05231
393e0efbdef28326483834ce1614cff371508a008233dcfba88b3ab03d96918e
3e5f29213d9f1c9b6e3b05e36c9c548823acada55efe95a02f40bed1388924d7
408eae2e77f4c4fd2c59f449c7b5e49f2e65a3a40b905defe8f18b3dbf51f621
43bbec57dd944178ca2c80b959148416ab05fe596615f6ca91c3e02c3544b081
45583a2bf7c2a040037798ee3a75f4886fd2204bef6fb33628bdb1fff573033b
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
51fba63e7765d23c9bec231fa34c7eb5b294133cd14ef85425e80e372066803c
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53f700b326f1414787ea7ae51c995e46e608064aaab2597818d083e2e109870f
59ac8678755cff8def1e74a605baf8af0bc3af555812c1295b81cf223f26d5d8
5c56d990d0212a97572de3fb2bc4b6c4bb01e2c9fe825479f749c51cdfdf5e3c
5d3bf89c1a0b1cf9edc7a4816c059aeef172d84679b17f3feaf42fd713cc6f89
5d6120670efc8d0e341da81feee0298095402654414f1e93fad0683da438622d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
6aaaff486ec17c4ee693e4e1c7a297c6269cb3f180300438b52b110bf9d8b23e
6acc864f534d7c5eb581cb75dc3716840903509918f6bc0b37c8f6b5e7bf09b1
6adbf7613efb9d5f9385e42495ec01a5a17690551607263a0d840d08f132f9c6
7643aa5b3e4a92aefc8d4dc72e44ecb2e2008f230f75a8c270bd8cef11a7fd2d
8770938cd57c83b5f60c76410479ce4389d4ae6d3d572731d84770920686aa5e
88724da3173eaf855fc8b8094480d1d923f69c420107501da8d40b503163bcf2
a031f3d0c108a8d451de26eac863e96231ff8ac7fcc8e9b6efcabb7988530efc
a218f71ca19363f32708623720794ed5c4eb6fabf5a2944ea6f44f99a782def6
b0088124edc0322d5cc6c4385ca59c018ceb76790c907d13f1ee5be3dcc1a039
b4987ec68837273fe612c09892841f5011f57d542e12b1567db12e18e5e214ed
ba5f8d3b5cd5d1a9d01d0f07c1bf82b4f422d963ab1a406e2deca0074cf5f32f
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2
da6d5b33072b3e71a0463d605994e9869dee78d7681d5e68cd0632d047dcb02f
de8279221cec92147e41e962754da2e9667fe862dc94f192566fa7bec3d11f11
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edd37ebae18007eeae37ce0d88f93c3a895862f79194c1c164330b75e0578235
f053be9c91dd84c0a3b14b168ed75173531e8175b1315beb67681a97b359abd6
f2a7aded29cde87ef58032dc2d98153485444384285df55f0e3b5aab72df5e5c
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f5d643584ccb013e4d568bc334409cb72380808fae41664b2214b1ae033366f4
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

wheregoes.com Open in urlscan Pro 2606:4700:3034::6815:240d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

69 Requests

94 %HTTPS

25 %IPv6

17 Domains

19 Subdomains

21 IPs

2 Countries

882 kBTransfer

2627 kBSize

15 Cookies

1 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wheregoes.com Open in urlscan Pro
2606:4700:3034::6815:240d Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

94 %
HTTPS

25 %
IPv6

17
Domains

19
Subdomains

21
IPs

2
Countries

882 kB
Transfer

2627 kB
Size

15
Cookies

69 HTTP transactions
2 data transactions