www.wheresgeorge.com Open in urlscan Pro
2606:4700:20::ac43:4757 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wheresgeorge.com/
Effective URL:
https://www.wheresgeorge.com/
Submission: On July 07 via manual (July 7th 2022, 11:34:28 pm UTC) from US — Scanned from DE

Summary HTTP 315 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 57 IPs in 8 countries across 50 domains to perform 315 HTTP transactions. The main IP is 2606:4700:20::ac43:4757, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wheresgeorge.com. The Cisco Umbrella rank of the primary domain is 989254.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 19th 2022. Valid for: a year.

This is the only time www.wheresgeorge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 47	2606:4700:20:... 2606:4700:20::ac43:4757	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2010	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	151.101.129.194 151.101.129.194	54113 (FASTLY) (FASTLY)
1	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 9	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
7	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
3	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	35.80.221.146 35.80.221.146	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	15169 (GOOGLE) (GOOGLE)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	34.117.97.210 34.117.97.210	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.138.210.41 3.138.210.41	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.97 65.9.66.97	16509 (AMAZON-02) (AMAZON-02)
2	130.211.29.253 130.211.29.253	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.154.180.162 54.154.180.162	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
8	2a02:26f0:350... 2a02:26f0:3500:58b::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
32	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
10	3.120.67.34 3.120.67.34	16509 (AMAZON-02) (AMAZON-02)
1 1	52.31.146.195 52.31.146.195	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:2400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	141.95.98.67 141.95.98.67	16276 (OVH) (OVH)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14 34	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
7 13	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
8	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	85.14.248.71 85.14.248.71	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	52.209.247.136 52.209.247.136	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
2 2	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2	185.86.139.102 185.86.139.102	201081 (SMARTADSE...) (SMARTADSERVER)
1 2	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	198.47.127.18 198.47.127.18	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	23.35.237.56 23.35.237.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:d584:42d3:abd8:529d	16509 (AMAZON-02) (AMAZON-02)
1	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
2 2	2a05:d018:24:... 2a05:d018:24:b002:9c86:618d:a8aa:eb77	16509 (AMAZON-02) (AMAZON-02)
315	57

47 2606:4700:20::ac43:4757 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

wheresgeorge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.wheresgeorge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.33.221.90 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

didna-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.80.221.146 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-80-221-146.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.97.210 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 210.97.117.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.138.210.41 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-138-210-41.us-east-2.compute.amazonaws.com

prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.29.253 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 253.29.211.130.bc.googleusercontent.com

privateads.rtbhouse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.154.180.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-180-162.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3500:58b::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.120.67.34 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-67-34.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.146.195 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-146-195.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:2400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 142.250.186.34 (United States) 14 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.18.19.126 (None, ) 7 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.71 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.247.136 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-247-136.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.40 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:d584:42d3:abd8:529d (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (Beverwijk, Netherlands) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.50.137.182 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b002:9c86:618d:a8aa:eb77 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
71	googlesyndication.com d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	444 KB
59	doubleclick.net 14 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287	336 KB
47	wheresgeorge.com 2 redirects wheresgeorge.com — Cisco Umbrella Rank: 897189 www.wheresgeorge.com — Cisco Umbrella Rank: 989254	1 MB
17	casalemedia.com 7 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 542 as-sec.casalemedia.com — Cisco Umbrella Rank: 1361 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576	14 KB
16	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 447 rtb0.doubleverify.com — Cisco Umbrella Rank: 638 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 13299	83 KB
13	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	453 KB
11	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	1 KB
10	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1803	3 KB
10	openx.net 1 redirects didna-d.openx.net — Cisco Umbrella Rank: 41975 oajs.openx.net — Cisco Umbrella Rank: 4128 google-bidout-d.openx.net — Cisco Umbrella Rank: 3827 u.openx.net — Cisco Umbrella Rank: 710 us-u.openx.net — Cisco Umbrella Rank: 387 rtb.openx.net — Cisco Umbrella Rank: 1589	2 KB
9	yahoo.com 2 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1020 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 479 ups.analytics.yahoo.com — Cisco Umbrella Rank: 299	2 KB
9	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	9 KB
7	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727	9 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	254 KB
6	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 488 hbopenbid.pubmatic.com — Cisco Umbrella Rank: 520 image8.pubmatic.com — Cisco Umbrella Rank: 590 image6.pubmatic.com — Cisco Umbrella Rank: 629	71 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 501	2 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 7751	1 KB
4	rubiconproject.com 1 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 528 pixel.rubiconproject.com — Cisco Umbrella Rank: 336	6 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1463 bcp.crwdcntrl.net — Cisco Umbrella Rank: 863 id.crwdcntrl.net — Cisco Umbrella Rank: 1561	9 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1490 id5-sync.com — Cisco Umbrella Rank: 550	13 KB
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1220	544 B
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 1140	788 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 801 r.turn.com — Cisco Umbrella Rank: 2975	869 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 540	2 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 938	344 B
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 820	488 B
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1255	150 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 583	1 KB
2	demdex.net 1 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 86800	2 KB
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 536 static.adsafeprotected.com — Cisco Umbrella Rank: 562	690 B
2	rtbhouse.net privateads.rtbhouse.net	219 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2518	24 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1441	115 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 367	787 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 422	73 KB
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 851	713 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1121	576 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 12943	554 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 34958	607 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 587	191 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 612	537 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 462	863 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 11552	1 KB
1	uidapi.com prod.uidapi.com — Cisco Umbrella Rank: 6618	5 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 606	13 KB
1	creativecdn.com invstatic101.creativecdn.com	2 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 4229	8 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 5620	904 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 856	364 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 671	13 KB
315	50

	Domain	Requested by
46	www.wheresgeorge.com	1 redirects www.wheresgeorge.com
34	cm.g.doubleclick.net	14 redirects googleads.g.doubleclick.net www.wheresgeorge.com d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
32	tpc.googlesyndication.com	d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com www.wheresgeorge.com tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
32	pagead2.googlesyndication.com	d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com www.wheresgeorge.com tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com securepubads.g.doubleclick.net
13	s0.2mdn.net	www.wheresgeorge.com tpc.googlesyndication.com s0.2mdn.net d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
12	googleads.g.doubleclick.net	d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com www.wheresgeorge.com
11	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
11	securepubads.g.doubleclick.net	www.wheresgeorge.com securepubads.g.doubleclick.net www.googletagservices.com
10	protected-by.clarium.io	d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com www.wheresgeorge.com
9	ib.adnxs.com	3 redirects www.wheresgeorge.com googleads.g.doubleclick.net
8	cdn.doubleverify.com	d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com www.wheresgeorge.com
7	www.google.com	1 redirects d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com tpc.googlesyndication.com
7	d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
7	c2shb.ssp.yahoo.com	www.wheresgeorge.com
6	www.googletagservices.com	d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
4	rtb0.doubleverify.com	www.wheresgeorge.com
4	gum.criteo.com	2 redirects static.criteo.net
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
3	mug.criteo.com	www.wheresgeorge.com
3	hbopenbid.pubmatic.com	www.wheresgeorge.com
3	prebid.a-mo.net	www.wheresgeorge.com
3	fastlane.rubiconproject.com	www.wheresgeorge.com
3	didna-d.openx.net	www.wheresgeorge.com
3	htlb.casalemedia.com	www.wheresgeorge.com
2	sync.tidaltv.com	2 redirects
2	sync.1rx.io	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	onetag-sys.com	1 redirects www.wheresgeorge.com
2	ssbsync.smartadserver.com	d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
2	c1.adform.net	2 redirects
2	skydeutschland.demdex.net	1 redirects d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
2	googleads4.g.doubleclick.net	www.wheresgeorge.com
2	id5-sync.com	cdn.id5-sync.com ads.pubmatic.com
2	oajs.openx.net	1 redirects www.wheresgeorge.com
2	privateads.rtbhouse.net	invstatic101.creativecdn.com
2	script.4dex.io	www.wheresgeorge.com script.4dex.io
2	confiant-integrations.global.ssl.fastly.net	storage.googleapis.com confiant-integrations.global.ssl.fastly.net
2	match.adsrvr.org	js-sec.indexww.com ads.pubmatic.com
2	www.google-analytics.com	www.wheresgeorge.com www.google-analytics.com
2	storage.googleapis.com	www.wheresgeorge.com storage.googleapis.com
1	um.simpli.fi	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	sync.targeting.unrulymedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
1	rtb.openx.net	d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	image8.pubmatic.com
1	u.openx.net
1	gcm.ctnsnet.com	1 redirects
1	pixel-sync.sitescout.com	d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	sync.mathtag.com	1 redirects
1	id.crwdcntrl.net	ads.pubmatic.com
1	m.exactag.com	d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	static.adsafeprotected.com	d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
1	pixel.adsafeprotected.com	1 redirects
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	prod.uidapi.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	as-sec.casalemedia.com	js-sec.indexww.com
1	ads.pubmatic.com	storage.googleapis.com
1	api.rlcdn.com	js-sec.indexww.com ads.pubmatic.com
1	js-sec.indexww.com	storage.googleapis.com
1	wheresgeorge.com	1 redirects
315	79

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
forums.wheresgeorge.com
www.cafepress.com
wheresgeorgerubberstamps.com
redfearn.co

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-19` - `2023-05-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-04` - `2023-06-05`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
*.a-mo.net R3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-06-12` - `2022-09-10`	3 months	crt.sh
cdn.id5-sync.com R3	`2022-06-22` - `2022-09-20`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2022-06-22` - `2022-09-20`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.uidapi.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
privateads.rtbhouse.net GTS CA 1D4	`2022-05-26` - `2022-08-24`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2022-04-10` - `2023-04-26`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh

This page contains 29 frames:

Primary Page: https://www.wheresgeorge.com/
Frame ID: E67AF2AA66F51D7019D90D61EC2F2066
Requests: 124 HTTP requests in this frame

Frame: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 775CF240CF388805657A55E323700841
Requests: 1 HTTP requests in this frame

Frame: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9049A703FE9918E1B6D0E0AB44EAEF5F
Requests: 18 HTTP requests in this frame

Frame: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C52F280F995245705EB1E506EF53298C
Requests: 18 HTTP requests in this frame

Frame: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2FDDE09F9A78FDD220E25E5DD70CA77E
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNU-iU4gKjLuBNKjgq0F6wB0NaSkzZtxkK_iyznWi9hEVAH8RAAVK7eeRc-h6e5eE-MKCg5jAzUU-Q4Lme0-2wZPnnDs742ToXKd5wA9hBlrMfsDevj1JBCwrX_4HRpxe84BTmMu-9KqPsLwlWGARvuzjdhIeRleGHdXaTZFyfx_AdpKDeY
Frame ID: E62472E034F305C445C5179653E5D06D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJ_m8s0BMAE&v=APEucNVOZbFRGhvq7B87J2_Z-lKm3TF6zfDH1MfzRjYVkwNbLfdIAfGssaoWO39Cv46dYGPRZn3loOG8-FF60FjBOmIfNi94K38zrx11dRDj6_TMP1UXYLVvy0s4VEoFu2mnwuaYDrfUWacRrs3PyzdsFGIqvX05n28z-38XjRkL_VYu3oKdRbg
Frame ID: 950BB147F783ECAB4604666064629218
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/index.html
Frame ID: FD26909627B06F0A21BD1F07D8AE3B15
Requests: 21 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.wheresgeorge.com
Frame ID: ABA3B7118784CC40827B7B08035DBDA3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A885CC75C87A77B550DA18D16ACFD613
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 878AFAC2258FDAB2A9B99E8B1B90100C
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: AA27C80ABA0376F727F32440A4E0AC7F
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3691154781510778365/index.html?e=69&leftOffset=0&topOffset=0&c=ZUj2yrB117&t=1&renderingType=2&ev=01_247
Frame ID: C3FF73848482BCE159C25EC5251EAA7B
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7877F2609B6FDFFBE597AD3B311BAFC9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js
Frame ID: 6BAD4E8BF7D510D61B04380213C4E084
Requests: 1 HTTP requests in this frame

Frame: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 66B85885B3F585A93DDC665BE7810AA9
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNWvB36eXd0osdl9ATGhq6dTW8Gq5_zPyRrPbwPLOM6Ycba52h9QBZcgc9TI48VAqCO4CWi69aHz_RaPTg64JCjg6y4WfuEgEI9hYB0JSnXiPHXvooglEMA_kcJX_5Jre_6bMnLz9EMIsghgvSb6ZBRxrmRE3LXzdxCTdGmB1RFWXp070fQ
Frame ID: 10841954F96E7E24F5D4359D4ADEE48F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 07518D7C7EBE1CFE52FA3D4AC4FA08E8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 91B43E5D4827D8D7504B65AF01128F8E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B3AA9BA0C0AE5B77B834A9CAB1BDED8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD9C6AF5E08FA1CD57EC4C26F9DF1044
Requests: 2 HTTP requests in this frame

Frame: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E8D0AC1B99E275D8CC9A4248BDCA604C
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNWIBymmAMXQrLKmtbvTG09vQKCQDs9DQPHdNB71tz7hVbh-DZ0urkmW1ynQj5zX8C1MCnMt95DI6_44LL5Jk4w2xpN72v7mLP4-ctRrhvhChPVKkvwSoCuyC_Td0MbR9hZVD31aGlPqMs7WxpZGEZokmb2juuMeIxNYIcRB5Y3lnAAijhQ
Frame ID: CDA8F234D3695953430C3922EDBA028E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 80C358125B501CA468F25C598DD87B28
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DEECC9D1662B9782AAFDE36DAD25D224
Requests: 9 HTTP requests in this frame

Frame: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ACC6CBAD946129BA5FC9A9093CA068A5
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNUizk8maXQx3y-D9WzvmeUJprX1AdaxAALcZ9BbuFXFvnt_NCz9TSysWzE4LKJnt5Snyx20u24ZqYE4IT2WEJOKpjQoPagbUPVx9X5eWMZ5PlyaHcAF8IA0i7NlXE2Jeb1I3QBjVx8jVHdRMVgyPhejKFy3IkFZsCeIh1SmK2RL2KpWoIs
Frame ID: 43F2A39AE8164FFE657DB353401ECC3E
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 56EE9A78CA88EEAE3F4972B3405A49FF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 810A1E71E2E473C64305CC2914FC6A6E
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Where's George? - Official Currency Tracking Project -

Page URL History Show full URLs

http://wheresgeorge.com/ HTTP 302
http://www.wheresgeorge.com/ HTTP 302
https://www.wheresgeorge.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

Page Statistics

315
Requests

85 %
HTTPS

29 %
IPv6

50
Domains

79
Subdomains

57
IPs

8
Countries

3045 kB
Transfer

6788 kB
Size

52
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/WheresGeorge

Search URL Search Domain Scan URL

URL: http://twitter.com/wheresgeorge

Search URL Search Domain Scan URL

URL: http://forums.wheresgeorge.com/forumdisplay.php?56-WG-4-0-General-Discussion
Title: this forum

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/new-user-q-a-forum.3/
Title: New User/Q&A

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/main-wheres-george-forum.2/
Title: Main WG Discussion Forum

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php
Title: Forums Home Page

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/hit-celebration-user-profiles.4/
Title: Hit Celebration

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/two-dollar-bill-discussion.45/
Title: $2 Bill Discussion

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/western-usa.5/
Title: Western USA

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/midwest-usa.6/
Title: Midwest USA

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/north-east-mid-atlantic-usa.7/
Title: Northeast USA

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/south-eastern-usa.8/
Title: Southeast USA

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/bill-collecting-and-numismatics.9/
Title: Numismatic/Bill Collectors

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?categories/off-topic-discussions-wheres-george.10/
Title: Off-Topic Forums

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?whats-new/posts
Title: New Posts (all forums)

Search URL Search Domain Scan URL

URL: http://www.cafepress.com/wheresgeorge
Title: Store Home

Search URL Search Domain Scan URL

URL: https://wheresgeorgerubberstamps.com/
Title: WG Stamps

Search URL Search Domain Scan URL

URL: http://redfearn.co/
Title: Royce Redfern

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wheresgeorge.com/ HTTP 302
http://www.wheresgeorge.com/ HTTP 302
https://www.wheresgeorge.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 105

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp&cc=1

Request Chain 119

https://pixel.adsafeprotected.com/rfw/st/1083870/64163091/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008203091&ias_pubId=pub-3565385483761681&ias_chanId=1&ias_placementId=17611869532&bidurl=https://www.wheresgeorge.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g9p-kETQANUrrv9PaUh6nC HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsdtfhVhDKDia9NSK2xVjAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJwtqza_gl5cF0oocyRpNHs&google_cver=1

Request Chain 133

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0Nzk4NTk5NzIwODU5Mzc0NQ%3D%3D

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1

Request Chain 135

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsdtfhVhDKDia9NSK2xVjAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJwtqza_gl5cF0oocyRpNHs&google_cver=1

Request Chain 137

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0Nzk4NTk5NzIwODU5Mzc0NQ%3D%3D

Request Chain 155

https://gum.criteo.com/sid/json?origin=publishertagids&domain=wheresgeorge.com&sn=ChromeSyncframe&so=0&topUrl=www.wheresgeorge.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=_tdFLXxqNm9pOG9DQzJWNnN4R3ZvVG4rKzAxL3Y2M1hPNXhxVHJyZExQeEtNeTVnODcxbm5taGlLSzlEKzhoWjVqMW92cDhyajYvRlZhVXRwbk9QazFIY3VkOHpUQlc2MTk1bGQxalF3WERGSzRFMG5YK083STU2dXdSS0lVWlNuUTNybHJWODduZDM2ZmJWRlljTEEybENFTnNaSmtxeXpNdFJGaGRMakFnQkg5THpPbDc0bTY0VUxma1d0Q1Y2MVhsOGlNclBKTGFBNWhlYk9lM1BIU1VtMlVnalVvOHZYNkIxNHVKY1Q5aldTd3N2UDlWQjgyeUNJbEF2T1hQc1h5bWw4eHJXZEtjK3hvbmJMRjJZWlRDQ2Jhdz09fA&cppv=2

Request Chain 163

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=160027073&d_placement=339373691&d_campaign=28006261&d_bust=3909048188&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=160027073&d_placement=339373691&d_campaign=28006261&d_bust=3909048188&gdpr=&gdpr_consent=

Request Chain 169

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 206

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.wheresgeorge.com%2F&domain=www.wheresgeorge.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=QRrO2XxmYjIvSUdkQVUyZ1VzdVdKWk1XYmlxMitHa01KYTg5elltWDZzT2FpalMxS0xKYWowaGdDeDFSNjlmSXFDUVpORW1YSHMwMmpONzFoS0NtWHpPWnQ5TVdpMkxWRk1rcTQwY3NGNEJNUEhUZEFINGJsN2pNcDlIalQyQVY3L3Z5amM4WEVRQmJHRHExSHJEYUMyQm9lMWQ3LzNtRzBGdVE0OUUzL1hoTzdpamM5TVhIQ2R3VEwzUzBOYTVyRWVNc2x0TndaOURHMnhWVDkzLy9CVHRobmZVZVR1bFVkdThpcGFCS2FCZzVZL1VyUFFrYWJSeGNCbVRCNHFNUklMZ2dLVWJWcGF6aUlwRENVRGw0dTl1Q1ZtaVdIMFRKemtJNXlUQzMxM3NOZS9Ccz18&cppv=2

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1

Request Chain 224

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsdtfhVhDKDia9NSK2xVjAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1

Request Chain 225

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJwtqza_gl5cF0oocyRpNHs&google_cver=1

Request Chain 226

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0Nzk4NTk5NzIwODU5Mzc0NQ%3D%3D

Request Chain 237

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEB4iLtrM9g9o69dZKkErc3g&google_cver=1&google_push=ARnp8GDc6e687tAW3Ch9dtKgUNexCjD5y9pW0Bo_fta2DU5_U-7T8JcLyGJ9Of4VsCUOUbHd3SDv3seVqe3hKj49rcYnySoQ6cyAEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GDc6e687tAW3Ch9dtKgUNexCjD5y9pW0Bo_fta2DU5_U-7T8JcLyGJ9Of4VsCUOUbHd3SDv3seVqe3hKj49rcYnySoQ6cyAEw

Request Chain 238

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMiqG2jbzVgP_-YnLHHUc_w&google_cver=1&google_push=ARnp8GDUa2rjf4HxIxmGnEZ4aGgM_slhQqoZJwZbpCPAcU7piG0ReV-VaNi4t7_ZZ7i0D9OpLPDuJv2duntH62hUTd6twrCGYkHzsQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMiqG2jbzVgP_-YnLHHUc_w&google_push=ARnp8GDUa2rjf4HxIxmGnEZ4aGgM_slhQqoZJwZbpCPAcU7piG0ReV-VaNi4t7_ZZ7i0D9OpLPDuJv2duntH62hUTd6twrCGYkHzsQ

Request Chain 240

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEG4yM7v6L2OWWstggaag7q8&google_cver=1&google_push=ARnp8GA8JysVI82r9smA9Ww2BiRpOPVcYIkV7s-6FxivoeAm8KnFpJfstNLz5QgsMLwycuw4JTWDxAdVvgnc_FPq36nj82h3Lr5B HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GA8JysVI82r9smA9Ww2BiRpOPVcYIkV7s-6FxivoeAm8KnFpJfstNLz5QgsMLwycuw4JTWDxAdVvgnc_FPq36nj82h3Lr5B&google_hm=i14LRjwDSQ2-Ev7GxuJ8wBQ

Request Chain 241

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPxttIzDVvxMnZvtoCctOgU&google_cver=1&google_push=ARnp8GBTjZWK9nIztg5bT3Hb0Ha2EoaqfKs35DOO1gF1ysuRHFuMlM3EaNPXHr5Lw80Llzo9PWHQmj8X6nd8J_eAuFAOn148auCU HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPxttIzDVvxMnZvtoCctOgU&google_cver=1&google_push=ARnp8GBTjZWK9nIztg5bT3Hb0Ha2EoaqfKs35DOO1gF1ysuRHFuMlM3EaNPXHr5Lw80Llzo9PWHQmj8X6nd8J_eAuFAOn148auCU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY3Nzc4ODc3NjgzNDE5MjgzNA&google_push=ARnp8GBTjZWK9nIztg5bT3Hb0Ha2EoaqfKs35DOO1gF1ysuRHFuMlM3EaNPXHr5Lw80Llzo9PWHQmj8X6nd8J_eAuFAOn148auCU

Request Chain 243

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJWUlXY1_bQxaKlLfP3ZtRk&google_cver=1&google_push=ARnp8GDf7eNVr-C1XGDpwJ9XEmSVJLQPesosnSoJ0X1FZbrZUXDM0wSM7vnyTHxhb8YeDNKeYkMpAFNVUfvLDRkgvIxvmDrS7lrAtg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GDf7eNVr-C1XGDpwJ9XEmSVJLQPesosnSoJ0X1FZbrZUXDM0wSM7vnyTHxhb8YeDNKeYkMpAFNVUfvLDRkgvIxvmDrS7lrAtg HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 275

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEEfJhEBvqhCGMS-tw6d5ys&google_cver=1

Request Chain 277

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEJ5vKFSKdjY1N3wXgfPN170&google_cver=1

Request Chain 289

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJxCn01hdqr6s4oNBlaZhy0&google_cver=1&google_push=ARnp8GDYvUd-ubTcqq6VNHtaOICqv1FYRniaiVFd5WLybshhc2_c_YAUq16HSvVIaie54ytrqwKOuWkQNwocLLSyP7y6tA3sAccnvw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Cp36FiKeTeu4mINqbLRGZw2&google_push=ARnp8GDYvUd-ubTcqq6VNHtaOICqv1FYRniaiVFd5WLybshhc2_c_YAUq16HSvVIaie54ytrqwKOuWkQNwocLLSyP7y6tA3sAccnvw

Request Chain 290

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECEGeeCi5uBXrxV2D3Ef-Tg&google_cver=1&google_push=ARnp8GDyUpy4MFoZ1XkEuHYp4cRGowe6tm_stYjrlsz5w9YfM6Z8paK1tob35pKXEPrkaO0HKnpN1ej8vIIgtf0BV8rdaIbqx2XjTw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDyUpy4MFoZ1XkEuHYp4cRGowe6tm_stYjrlsz5w9YfM6Z8paK1tob35pKXEPrkaO0HKnpN1ej8vIIgtf0BV8rdaIbqx2XjTw&google_hm=MTAzMzM1MTY3NDQzNTA4NzMyMQ%3D%3D

Request Chain 293

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKTC_j-eT3s1H-L3QkbEZ5U&google_cver=1&google_push=ARnp8GAaFFUBeMUibCdJXwrsQBz2rK8LhCPb6XqjzAH_Oe9yIKAjswZ8oKIpifnRDzphLZG5tyKmXnCYuC1sCjYIzXTIiTjwGG7S0A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCTzFEVEctNi05RjJQ&google_push=ARnp8GAaFFUBeMUibCdJXwrsQBz2rK8LhCPb6XqjzAH_Oe9yIKAjswZ8oKIpifnRDzphLZG5tyKmXnCYuC1sCjYIzXTIiTjwGG7S0A

Request Chain 294

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH-jeZMt9naANx8_gcl4Vgk&google_cver=1&google_push=ARnp8GCq3Ias4dxKaMjWsxDr2ZMuzdj1PGZFy-B7yGoQ4Nly14EZ3l4PJfmdjKdLBHripxGDToxd8WqtmQrrOhRHCE0xlHDRdFg-XA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH-jeZMt9naANx8_gcl4Vgk&google_hm=YsdtfhVhDKDia9NSK2xVjAAABFgAAAAB&google_nid=index&google_push=ARnp8GCq3Ias4dxKaMjWsxDr2ZMuzdj1PGZFy-B7yGoQ4Nly14EZ3l4PJfmdjKdLBHripxGDToxd8WqtmQrrOhRHCE0xlHDRdFg-XA

Request Chain 295

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEDyiL-2QCtPCDBk8WEdoijg&google_cver=1&google_push=ARnp8GDDGSckV8_tl-cpXUjNp6A7q6CfKGRlwck7epGbiQg_CcRJZlMAMAhZMaPxy8s93Xp7Pnv5N2lXyJ66oEcwCGnignQokZuH6Q HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ARnp8GDDGSckV8_tl-cpXUjNp6A7q6CfKGRlwck7epGbiQg_CcRJZlMAMAhZMaPxy8s93Xp7Pnv5N2lXyJ66oEcwCGnignQokZuH6Q&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1657236865220 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-5b386a52-ebf5-4d6a-a563-35fbc90b14af-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DARnp8GDDGSckV8_tl-cpXUjNp6A7q6CfKGRlwck7epGbiQg_CcRJZlMAMAhZMaPxy8s93Xp7Pnv5N2lXyJ66oEcwCGnignQokZuH6Q%26google_hm%3DA1s4alLr9U1qpWM1-8kLFK8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GDDGSckV8_tl-cpXUjNp6A7q6CfKGRlwck7epGbiQg_CcRJZlMAMAhZMaPxy8s93Xp7Pnv5N2lXyJ66oEcwCGnignQokZuH6Q&google_hm=A1s4alLr9U1qpWM1-8kLFK8

Request Chain 312

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDjVW6wlUjc_KgvZqo5GS3w&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDjVW6wlUjc_KgvZqo5GS3w&google_cver=1&__user_check__=1&sync_id=567c58a7-fe4d-11ec-80f9-1342c0320106

Request Chain 313

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=567c7406-fe4d-11ec-9acc-1e875f050206 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTY3YzczYjMtZmU0ZC0xMWVjLTlhY2MtMWU4NzVmMDUwMjA2

Request Chain 314

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1uYlBfQk1CRTJ1R2RJY3BSM1lEMnFabGFqSjZMZC52T35B

Request Chain 325

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMsPLv0FSO7_3X3wblhK1s8&google_cver=1&google_push=ARnp8GDlyOl35qQyizyyqxnzrLZL3g7iQpcrn3iYtSBrD2wygoeY0JR--DlkYCs8Ce0i5h7uq2FYovBqgAtT1hKwiStsW8-_ieM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk2ODYwODY3NzA3NDQ4MjY2Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMsPLv0FSO7_3X3wblhK1s8&google_cver=1

Request Chain 326

https://um.simpli.fi/gp_match?google_gid=CAESEGoS-JKeMQ3ICP6daPqg8IY&google_cver=1&google_push=ARnp8GBNDE4K1oUaXsMtxyDUlyLwPqVoMnvUUYFxgMidLkDaovZiXgPHJ8PTqltqmd-McBj97G0HKYw1GLjQXvDcN6ZwO7_6wC-I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=12C7168D98454C1D8FD2FF7DF76C2F79&google_push=ARnp8GBNDE4K1oUaXsMtxyDUlyLwPqVoMnvUUYFxgMidLkDaovZiXgPHJ8PTqltqmd-McBj97G0HKYw1GLjQXvDcN6ZwO7_6wC-I

Request Chain 327

https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEPBs79fup3zFKXMmgWetayo&google_cver=1&google_push=ARnp8GA_yVUMCInroXGVwi1tjNcV3I1riDQ1LS6nTAnFNGQs7_j-9NLyuxVITx3joLJ-sLAfryzr6kfmMi6kcJgAHF4ivW3yiWoC HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEPBs79fup3zFKXMmgWetayo&google_cver=1&google_push=ARnp8GA_yVUMCInroXGVwi1tjNcV3I1riDQ1LS6nTAnFNGQs7_j-9NLyuxVITx3joLJ-sLAfryzr6kfmMi6kcJgAHF4ivW3yiWoC&s_h=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=CW5_7AL2TLSnsCYLsRE6sQ&gdpr=1&gdpr_consent=

Request Chain 329

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH-jeZMt9naANx8_gcl4Vgk&google_cver=1&google_push=ARnp8GAJF9xCQWMfPueSjDhs1WlFAJ0LliVXAfo-8AJyAwdq2EOA1IBzOsD4tL1jyRQOSe1Xl7X7CiJd-fZrHau_5rx7ROCQjTS9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH-jeZMt9naANx8_gcl4Vgk&google_hm=YsdtfhVhDKDia9NSK2xVjAAABFgAAAAB&google_nid=index&google_push=ARnp8GAJF9xCQWMfPueSjDhs1WlFAJ0LliVXAfo-8AJyAwdq2EOA1IBzOsD4tL1jyRQOSe1Xl7X7CiJd-fZrHau_5rx7ROCQjTS9

315 HTTP transactions
21 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.wheresgeorge.com/
Redirect Chain

http://wheresgeorge.com/
http://www.wheresgeorge.com/
https://www.wheresgeorge.com/

32 KB
9 KB

477ms
434ms

Document
text/html

2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90f7e583fbd484f79db863bd15a70eb5f8b111c517cf35b5cc11a261b1de0c0e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 727463e188ad9bef-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 07 Jul 2022 23:34:19 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKY8US0nZZQUTdEjqA78l2BmwS6kem82TAfHpsAewsU%2FQf%2BAtIfHUzcGmcKCHWTLtN2X%2BqeFIR8ip0gV%2F68%2BL%2BzZzcNKMkbH%2FPLKeo9Dsu9PHZ4r1xsBth5yGmTum9GcMnvZcDk20ZKI2CzWLCS0BPXU"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 727463df9a61924a-FRA
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Jul 2022 23:34:19 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qO28QtWbYFS7j%2BSa3%2F5W5YAJTHq1pF8W%2BstThMUraP2m2gF4FI1wHaN8cuOKw2mN3TnUkEIn36KWhb53H53iVwQl%2Bcjc5G9pQocXR%2Bqt%2F6e3wk7QrI5d9bGsmK4zWEfHFzUTMLvTzJI%2FeLGS1%2BoTBmz"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
location: https://www.wheresgeorge.com

GET
H2 200 wpJ7OnaoHqqN-SSFOvcy2VKlnmo.js Show response
www.wheresgeorge.com/cdn-cgi/apps/head/ 5 KB
2 KB 36ms
28ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/cdn-cgi/apps/head/wpJ7OnaoHqqN-SSFOvcy2VKlnmo.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d44418aef78b2e4586c639a6b4e57b4b9fc93a958bf2dd254b70553d51dd06d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11163164
x-amz-request-id: PP0W7GGM4E4HQX5Z
x-amz-id-2: MQAKEuiPtrR2YIajSjRdfrQ97EbbAIEhp83CHgSlgzm+PSEid/54D0XYfbIF39OF90u6Gj4COWY=
last-modified: Sun, 20 May 2018 13:52:05 GMT
server: cloudflare
etag: W/"936e534205b414d393664355db3c16d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGx5uRK5X4ezgT8l4WZJjeLga0ND8PFg2dqQoV%2FMtphzeuJx4gE8lyui4UTJe17dQrNFf66GZQKSJJMbLjqv2xp%2FuNsT2epqGWYCBTC2DBWiKRvS2ZylFJC4Yg0WFu5YHzFQO2WyR3LuiSqHKTOru29p"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: unIJ3FFnfsyXqpBFcH8o6ddwQmEUXCMN
cf-ray: 727463e45b449bef-FRA

GET
H2 200 wg.css
www.wheresgeorge.com/skins/wg-green/ 17 KB
4 KB 471ms
462ms Stylesheet
text/css 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f0da298e31dd1a50b19d710bd787a8adce25afcaf4a89ba5fcf819c6662723e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 11 Sep 2019 22:03:03 GMT
server: cloudflare
etag: W/"4511-5924e2f6646db-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LXAGznGwHzn3Ac8g8p6qnMpVT0xNZclD7jBqPNdC5RwcbbG2D1YXCNaFlBQOQaxZAZvC6NDY7waM5OykQxaeApYRZTMs2bseZx2JRP%2BAFTeKOCVhUJfN%2F1MxAGS4NnRjjwYxUc3RPnIESYFE8ka%2Fow59"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 727463e45b499bef-FRA

GET
H2 200 jquery-ui-1.9.2.custom.min.css
www.wheresgeorge.com/includes/jquery-ui-192/south-street/ 26 KB
6 KB 474ms
466ms Stylesheet
text/css 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/includes/jquery-ui-192/south-street/jquery-ui-1.9.2.custom.min.css
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5948c940e4cd9dad9b958313b8ab760bfb85c7a3dad4332c6fb5f9ebb6ce695b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 29 Oct 2013 20:01:37 GMT
server: cloudflare
etag: W/"6934-4e9e6af248a40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJyzPg5a274vHSZGywBirxQlX8fXF2n2yLa0xGq8AgWplY6mOMD9Uw0aDyyjzQz7299frmSVCF%2FEIuT%2FOFDB54jDKhb1FivsDnp%2FOmz4zCm8yfc%2BDRfR9IpoJooNAfPPMYfR4UXepycRQ2m2Kxs%2FrGg5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 727463e45b4b9bef-FRA

GET
H2 200 jquery.min.js Show response
www.wheresgeorge.com/includes/js/ 91 KB
33 KB 542ms
535ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/includes/js/jquery.min.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 23 Aug 2013 16:51:37 GMT
server: cloudflare
etag: W/"16bb3-4e4a038483840-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7PE2GyedwKKNPJuD2iSrYC6bCASq7xKuooFZFsM%2BQGfEsAVogKgI2tBTTAks6hMhhZK67Kmn1UYGcFHDok4BeWH%2FwvtKvd7lYOorzLjmc5ZShEUBwlic7nrhNOeqh2GsnqkUQ3fD6M%2BsxRCTQTtdYCH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 727463e45b4c9bef-FRA

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
www.wheresgeorge.com/includes/js/ 7 KB
3 KB 401ms
395ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/includes/js/jquery-migrate-1.2.1.min.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 25 Jul 2013 20:17:40 GMT
server: cloudflare
etag: W/"1c1f-4e25bb7c6c100-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rS4k6aC7r0JCv81bCpb%2BRAKOL7FAGKlsaLn9o%2FaYb0tDWysTfyxoigNIPgX%2FmjdCoeZiNSbE99ym3ItlU5%2BP6qPah%2BwVSGcCoD0lH7IhncX1YdZPoTYtJWV68tr0jKTE00B3PGkp7hiQUqK14C7KvgMg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 727463e45b4d9bef-FRA

GET
H2 200 jquery-ui-1.9.2.custom.min.js Show response
www.wheresgeorge.com/includes/jquery-ui-192/ 203 KB
56 KB 654ms
648ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/includes/jquery-ui-192/jquery-ui-1.9.2.custom.min.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b571fcad8128b028fa991009315020350ef5e296d826df2c6c8b6367a1e8fc27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 29 Oct 2013 20:01:23 GMT
server: cloudflare
etag: W/"32a8f-4e9e6ae4eeac0-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lM0h2soGYgSyWbZ3vTkZwcu78Qr9KQNy5CumCANE6UR00ig36jlxLrJh7pFaFTrMsk0luEPs%2B4alxBaI7ZOehtP9Xh%2BYbvRg6kwo66EM66WzTrBU%2FQQm7qORquPxgZrIOVeG28GvYe74dFTkSBpcMEmk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 727463e45b4e9bef-FRA

GET
H2 200 cookie.js Show response
www.wheresgeorge.com/includes/js/ 2 KB
1 KB 470ms
465ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/includes/js/cookie.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c008b3684df8cf75f020bd759aa1f63d80456b77daf1076745be29ecdb9303a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 04 Aug 2013 00:21:53 GMT
server: cloudflare
etag: W/"7ec-4e3142dbc2a40-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z2ed0wiWs6kZS%2Fb9NSR3G3gzlBdbziTMlP0EiYDKuuLz0qIKDMeTTbb%2FQWwl0VQi2PwV90eDhwGMxS%2BPTAXPdAq7RXOD4dcJkJkODEN8ZiqtzTYixZk8mQxXBlOzTjQmzOMzAGCQIMiTaK1Vjk0DeoSH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 727463e45b4f9bef-FRA

GET
H2 200 header.js Show response
www.wheresgeorge.com/includes/js/ 4 KB
2 KB 402ms
398ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/includes/js/header.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd41b646250576c87600d36db00f6543440e3a07c73c69d33dfd7f7dafec08cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:19 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 04 Sep 2018 20:40:14 GMT
server: cloudflare
etag: W/"10b4-57511aa3d5e54-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MK3teOfZTCNn11zpHTrjUYS7c2f2VeI%2F2P7iw6KqhtjZER%2BdTs1vkeD2BaAlZTNs3tXiXbGHgZzDVP7dKABq9owBELt%2F5EK2SOls2NYAYfDR3hsZr%2BEAVOiC4vh7UIF7WNC38PJJXAFY9x0ndckIDP1f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 727463e46b519bef-FRA

GET
H2 200 odoticker.js Show response
www.wheresgeorge.com/includes/odometer/ 4 KB
2 KB 463ms
459ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/includes/odometer/odoticker.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2b35d9f73e68484712519c315b452b1331fcb1c5591505f3b556fbd8a3726e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 04 Aug 2013 00:21:49 GMT
server: cloudflare
etag: W/"feb-4e3142d7f2140-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fy9HRhXYQWfr0nVb5ifaIbGO3HxK97Jr7XVngo0mc5AbzBeYrjbDaBy3DhhFXoc9rt8pHVcDqC%2FpQWYQVSELa4a7qXWmCVzxm39lc8gn%2FtX8NSzj8jcPbVReTG00Mxh0cphwJ6knltbFUVuEwqxq1a3y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 727463e46b539bef-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 103ms
32ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

2c88c7412e06903ea591717aa0c95018a0d521d01bf4724031250dc867eb327a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28093
x-xss-protection: 0
server: sffe
etag: "1267 / 857 of 1000 / last-modified: 1657231719"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 07 Jul 2022 23:34:20 GMT

GET
H2 200 didna_config.js Show response
storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/ 12 KB
12 KB 200ms
139ms Script
text/javascript 2a00:1450:4001:828::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/didna_config.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 78a36a168e5a010dfe5866561929b7fbfd0224b70954a20217f6e64401aeeea6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
x-guploader-uploadid: ADPycdufL4AofUyNTEOQZUUjT_-cSaxxAGXTrT3zUlwqn1-56vmtbjmnwMlJYY37LZ4SO7tEtkIyEdERItgQ8a7LBBTx
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12166
last-modified: Tue, 07 Jun 2022 19:08:28 GMT
server: UploadServer
etag: "d814b22cf16e2100e0917680206bf7d5"
x-goog-hash: crc32c=v3z5yQ==, md5=2BSyLPFuIQDgkXaAIGv31Q==
x-goog-generation: 1654628907903745
cache-control: no-store
x-goog-stored-content-length: 12166
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 07 Jul 2023 23:34:20 GMT

GET
H2 200 updown.png
www.wheresgeorge.com/images/ 4 KB
5 KB 132ms
132ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/updown.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56461ffccda775adce78f8b68d8ad28e5abddd893b7612ebd16344ccc6d66c95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2013 00:21:37 GMT
server: cloudflare
etag: "109e-4e3142cc80640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KaonTyNG1%2FLMb0zc2GeNFWRfMQ27pETQ%2FPqGfE5qyTSGUKF5aWN%2B45UPeS7%2FUWg%2Fvjij7TLOR5r%2FMk1mR0SW7rtXT%2BVE99tS455JnFjXrvLD%2B2A3awpI%2Bqvpht93CITSUKtM6SYwicaY1Y4UJxtCoaWU"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8af929bef-FRA
content-length: 4254

GET
H2 200 facebook.jpg
www.wheresgeorge.com/images/ 4 KB
4 KB 750ms
747ms Image
image/jpeg 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/facebook.jpg
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3cb1db2d0a51e283ae6fc0d9cf5aef88f250ce5166bd994435d8b7d068cde87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:21 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2013 00:21:38 GMT
server: cloudflare
etag: "f8a-4e3142cd74880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spw7WUofRcAijkMoX5TC5r2V0Hke0D3Rx1f0XGgr951yE2st5GRQg3HGDPhOHMPydR1jWMqAToPrGcOvLu5SeXSJ6MvGFctXrs3%2F7Eza6At%2FOCWQCACRFzJrP%2Be7mr9ZiPdpzFfDYNKti37H2eP%2B4qqr"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8cfc09bef-FRA
content-length: 3978
cf-bgj: h2pri

GET
H2 200 twitter.jpg
www.wheresgeorge.com/images/ 4 KB
4 KB 437ms
433ms Image
image/jpeg 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/twitter.jpg
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fedf7a96d9f67f560198fa4e96d5f49a5b25c1dd23d406169a0b3b74ea3968b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2013 00:21:37 GMT
server: cloudflare
etag: "f57-4e3142cc80640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kD%2F8vgb2Cl645cT4aBIYxDNs4FY%2Bs1WhUqWDFeScaow0hmOOhQGUI37rBIQS23Yi%2B4wPFB8DJG9BIi0ZIL9tprCuzYSkDLf5XwEBnMDe6nIcFHiCzsJZQcKd78xIN37CM8ZaGMSJ8OW%2FSvj37nThSBrH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8dfc29bef-FRA
content-length: 3927
cf-bgj: h2pri

GET
H2 200 pixel.gif
www.wheresgeorge.com/skins/common/ 807 B
1 KB 464ms
460ms Image
image/gif 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/pixel.gif
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c22dc3d31dccd54ee6cc46af4d6b0970e7c684bb32c3812b8371b0e271905b2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
server: cloudflare
etag: "327-4e329122dd340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cz7jv%2FdrbwFmz3Z6pEL5MfX%2B0swc1hB5ATNzB4vqzpai1lwdlLJ1wcEwLfV%2B8YRHBB745%2BYhx71d%2FMxxE5SryvM2pOaKM%2B%2B6ecy%2BZr9w9yoprJcscqzhB69FNa7zrx%2F83u5VoL9iSCozWMuHuLqR4bv3"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8dfc39bef-FRA
content-length: 807

GET
H2 200 dropback.jpg
www.wheresgeorge.com/skins/wg-green/ 868 B
1 KB 468ms
463ms Image
image/jpeg 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/wg-green/dropback.jpg
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 97aefe4a1c50e7bf4bd5eb810781749a1aa540fe755c4e1e45aa82414c0b5818

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
server: cloudflare
etag: "364-4e329123d1580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BovRtlZYS6zcme9Hy1%2F6zKMgzMtFThZ3mZ67gUe8iz8RXPrgueJA%2F90NGuJZpZ7l33MKRKKP53%2BTtC6nwG5RUw7%2FYAO%2FP83D%2FaGA7F94f3chXMxV460zXqEoGMSjmuJGyB7h3wHN6XdWh22iZJz4ZDR9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8dfc49bef-FRA
content-length: 868
cf-bgj: h2pri

GET
H2 200 totalbillsentered.png
www.wheresgeorge.com/images/ 622 B
931 B 444ms
440ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/totalbillsentered.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b6bdedf30dce0674375bdde60d211a32d50fd18df2402730def2b8f2de7988d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2013 00:21:41 GMT
server: cloudflare
etag: "26e-4e3142d050f40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shUQ1slKn2wbLW32xe3IOxiS5vDp2e45Fl8wtSD1QCLPPiRuHcUsruiKzP2NL5FO1tc%2BtRepcZak5XL9%2FaZJQvz1qu7L%2F%2FspvsQwGtEQ%2B2wFMz%2FP7agSwuG5VIJAwCSM5qL%2BtDkc%2F8kccvS8hzrquWR9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8dfc79bef-FRA
content-length: 622

GET
H2 200 totaldollarvalue.png
www.wheresgeorge.com/images/ 620 B
950 B 401ms
397ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/totaldollarvalue.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0e17b1b2c8c884ef95858b7cce3c572ebdf32d5da4ca26a366dece88bda76a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2013 00:21:41 GMT
server: cloudflare
etag: "26c-4e3142d050f40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6Aruu2%2FZLPHkYCFVfj8s92VUQxcrHUxYJ93c8ZXavKDRbwJ%2BcQTyi3tjTnCZDgkQ0fKd4o9c1LKhYfmr8mqAN0ZIE%2B7olnBdQW%2BbS2OD8G4Ok0dzBVMD2s9H8ibVTO5nIB6mwW0w%2Bk5hz6WlpuMqidP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8dfca9bef-FRA
content-length: 620

GET
H2 200 billsenteredtoday.png
www.wheresgeorge.com/images/ 653 B
1 KB 462ms
458ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/billsenteredtoday.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbf2e4d7a491afaa7aa1d29ae72d71c78b5470f1d610b3eab6f7b9c8d6444404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2013 00:21:42 GMT
server: cloudflare
etag: "28d-4e3142d145180"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70G79BYTC%2BiTL1HseFIwwp3WyHVQ8kLuMhoeX5iW8eTfSNCsHVwO8Gljq%2Bv0rGBdWucG%2FOR7p0rdmoz1AbV5k%2BB9uFn3muVOr9N%2FK6LQH1S%2Bj0Ko%2BRfeXg3xKAAZCiMIYToeWIqj0p4vkUAA199AUTRH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8dfcb9bef-FRA
content-length: 653

GET
H2 200 hitstoday.png
www.wheresgeorge.com/images/ 453 B
784 B 460ms
456ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/hitstoday.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6f35733b79b1d6797353f4aa427becf64a36417f0e1ebce4da187e3ea9341d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2013 00:21:40 GMT
server: cloudflare
etag: "1c5-4e3142cf5cd00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mDJBzFA6trLHry7NKwAox%2Bh0rn0H4F14gXTvWBbYqMgJ75mZ0aRkBq6CoRx%2Bq7rpZrIGdbAsFhlrui6HIDDNkvzWlngZ02pM06%2BjDsbJm0ZOyICPcArBw%2BdimL%2FjKRKB6KB%2F6Aabv4evglYxw6Fbf50"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8dfcc9bef-FRA
content-length: 453

GET
H2 200 dollarsign.png
www.wheresgeorge.com/images/ 331 B
633 B 465ms
462ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/dollarsign.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 222cbd44beda0de2293c5eb373dcbe8ef2a81dd8c67b364224bc3ef2061d3354

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2013 00:21:40 GMT
server: cloudflare
etag: "14b-4e3142cf5cd00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frkkfG1X6AmFboM7UkWG0fbWAfz4BHl4D5ysLwucSgbLFVwDcVYF2yZOOBw0gKoJDy7WnBxgA83ql9MJRabH1YDmEM1XSRXPuF%2FbeNWvDix1xTyqXYfm3c8qBbxXhHUWtUtxjyrmIRS8PVqY5nMt9z7t"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8dfce9bef-FRA
content-length: 331

GET
H2 200 shiftleft.png
www.wheresgeorge.com/images/ 482 B
919 B 1675ms
1672ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/shiftleft.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3ed2d3ba588437ab0954941c0edd797482ed06264b1ca9e6806ed6daeb07b43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:21 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2013 00:21:38 GMT
server: cloudflare
etag: "1e2-4e3142cd74880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COXyp5j9JTHjbDQYe3hqXTnm9geYR3rqFlzNLuxrpLlcX5ewkA0ku5CI0XdezWSG1vjbRJ5UZAVmJwG8IExsW8GP7oTvuvBXmUncq5VcvQ5xWcwURvJP7kScWoNiSQ20M4d7W%2BKgxFVKpM9Zxr3DixGE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8efe49bef-FRA
content-length: 482

GET
H2 200 shiftright.png
www.wheresgeorge.com/images/ 476 B
851 B 1598ms
1595ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/images/shiftright.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27c167a66fe7195d6169a97715a3becf7e3d5892a12b2825f77959d1c21bfaa9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:21 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2013 00:21:40 GMT
server: cloudflare
etag: "1dc-4e3142cf5cd00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g3WYZZpim0kLQR1jT6WDdBDZYKOC5F4WTvlx8nnjmxCtaaunfsarnM5PPBC4hVOxEGjJQ1%2B5I3FPcJhNtNPswGZVU94fg1PyP6cFyOzjHWYtnIe%2BmHm%2B5Y98BVYDaVplqW8gEBsV5EjtRO2154FzkXYW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8efe59bef-FRA
content-length: 476

GET
H2 200 vjR-JvKboGM0k7UaLR-M2ocVDUM.js Show response
www.wheresgeorge.com/cdn-cgi/apps/body/ 3 KB
2 KB 46ms
43ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/cdn-cgi/apps/body/vjR-JvKboGM0k7UaLR-M2ocVDUM.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/cdn-cgi/apps/head/wpJ7OnaoHqqN-SSFOvcy2VKlnmo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea8dcf94a62e4ac82246b2224d85052c2308c4c8123dd8b2c4c154cebe9b47f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 74931
x-amz-request-id: REHT9GJBTBF4BXMH
x-amz-id-2: BRTrGFIWrRjSzgOFZGzwMFjUD3uhfIw0XFFZEkfL1em54ByMM0gV9cLLPpsqEnLtSA3kWvXa5iw=
last-modified: Sun, 20 May 2018 13:52:04 GMT
server: cloudflare
etag: W/"39fbf6c21b8ff6ff3a490e69a4fb757e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wu8q94MRPdIEni%2B5YfmEDUc92Pm6HRjoYmKoDMJzTMIrDETeHBUKkBTMf863wsUBKJMhrlFMJjHKqK5CdsopltZqFtqU4FscYvpkSQocod9WOQ87g1V3knALxwOL4S%2B4qgnmcRDaZzP6BAwrSiuYBLbU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: CoNkkylYkt0wMB4UqLQPntJ1JMFymTAa
cf-ray: 727463e8efe69bef-FRA

GET
H2 200 wg-back-3t-dark.jpg
www.wheresgeorge.com/skins/common/ 121 KB
122 KB 1755ms
1751ms Image
image/jpeg 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/wg-back-3t-dark.jpg
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70751679ec1e2f27cd958b14c2b87f5b1b7fd4e7fbbce340bb3ca6f8dfd82d0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 27 Aug 2016 21:09:37 GMT
server: cloudflare
etag: "1e4a0-53b140c66c640"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aX5GEuvJSzZRNsr3zghCfIpcm3fyviOq2F%2FXi28I3%2Fy%2F7UzVBml7YY%2BttXGWY1Wj7hcZEdrJpQNpyn7ig7pDzIvVBNJCPhXeHsMw%2BP7t3NOsh%2BSY9riAONTnNz7KnHNBy3PDYzCRxGJ%2BBaayyqxUvBqI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8efe79bef-FRA
content-length: 124064
cf-bgj: h2pri

GET
H2 200 rthf_opened.png
www.wheresgeorge.com/skins/common/ 2 KB
3 KB 2037ms
2033ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/rthf_opened.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0426dbe67dd4f52df684e50d0e6d33f68f73bd83ba416b7e26b1227a61585d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:24 GMT
server: cloudflare
etag: "96e-4e329121e9100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0An7o2eyuq62bzMrhFxT3FRYdaTIF8c%2FzyblYkf7qwRTjNpqvgF8Esw1XHEy494%2FaL1dkfmv8SOt5KKFuzUaIBYigr5dJj%2FP1qQE3yi1I34jTPJitpi1ywBZlG%2BPbODvZ6k5Se5AxJp5QybSrpGrlo9e"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8efe99bef-FRA
content-length: 2414

GET
H2 200 announcements_opened.png
www.wheresgeorge.com/skins/common/ 3 KB
3 KB 1678ms
1675ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/announcements_opened.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29c7dc1333487ffb5ff8332547585101be64e8323c334b6542092bf21e4f1fa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:21 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
server: cloudflare
etag: "b84-4e329122dd340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snoAsCnUKdlUuXzrE8j%2BS5CBXgz%2FTBri6mEtTRsDHPX5H3%2BieWPuor%2F88mzTPHr5iE5%2BYF5kKQFP0TmtZFOEMkQ%2BU5fuAsYYF0pbYmpZnpboi2ady4cMKAq0BCHnLjN9cK0SaXPO1Vc1grG0SnRWDyeE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8efea9bef-FRA
content-length: 2948

GET
H2 200 page-border.png
www.wheresgeorge.com/skins/wg-green/ 49 KB
49 KB 1798ms
1796ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/wg-green/page-border.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bd2a2b65fa258c88704613fbaa9261c2ace4b5d8fdaec5e6790efa4554e13ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
server: cloudflare
etag: "c40e-4e329123d1580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FQNbpOXU8%2FkmSD5fDqt2y2RlbUM0K3b%2FdpFuxg8sFfxutLJBlcxEOVirEEPrM8dUmJTUlIFeZdNuWTxnziJd6CRHwnFkhHkqmstPohl%2Bgkmu10k3BntWh%2BtHd0zF1KymTOCqDqvP8VWxfTZ5F5Mgt12N"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8efeb9bef-FRA
content-length: 50190

GET
H2 200 wheres-george-eyes2.jpg
www.wheresgeorge.com/skins/common/ 40 KB
41 KB 1533ms
1531ms Image
image/jpeg 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/wheres-george-eyes2.jpg
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f554402586b6d6141a35ff7838ecb350f34b95632f489dd26230c748293a24f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:21 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Dec 2016 18:16:10 GMT
server: cloudflare
etag: "a1c1-54329a1c02e80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KT8JyBXI1SnDOdPeknX2H08WqH50tay2sH5TsZAmrSculR22ukTkguYL6QRl1iSEbygue3R9XpgvEku1Hc9zBM4u8XjUIWNRj%2B%2FNsHC6C8koBpeKJZVTxGrWEa7UuZbEKQ8hsTZT6VeeIPiMXKNu41SY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8efec9bef-FRA
content-length: 41409
cf-bgj: h2pri

GET
H2 200 wg-header-top-center.png
www.wheresgeorge.com/skins/common/ 18 KB
19 KB 1751ms
1749ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/wg-header-top-center.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dce531eee4c5fdc685dbcdb1470072755405690fdfdd930a6e22e463f78d284e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
server: cloudflare
etag: "4938-4e329122dd340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtjXqDIUYKgF3zPG6RYHkVOsKUep1%2BpDib%2BhZDJRWPWiZ5SsO7Was94oioa547pnQVWRuag04CCTqT%2FIfVUTC%2BpbZYlxhX8AM1vXp3HJs6AsWz5ID1ufisSJM8OLCZ7gLYMZ91QEtnOYOprl%2F1ZZGrqn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8efed9bef-FRA
content-length: 18744

GET
H2 200 wg-header-top-left.png
www.wheresgeorge.com/skins/common/ 40 KB
40 KB 2420ms
2418ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/wg-header-top-left.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78c19f0f48c2039268244bea64d0c0d6b0e99739baf0706c043f4a7fa5b9a49f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:24 GMT
server: cloudflare
etag: "9e8d-4e329121e9100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1FR9AVbqwZbbySk7ekyTBgcEvpw5WX38jXbNvi7YyX7v8xZ2FnUZk408SJZwFtFYutVB0r850rHUnJlDVOuHTcFm6rqpVSBJvyaTiZdKQhnw33y%2FjMsB8hoFdafkU9iGLM7lI0wnFxwaZeA6pSmuU%2Fr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8efee9bef-FRA
content-length: 40589

GET
H2 200 wg-header-bottom-left.png
www.wheresgeorge.com/skins/common/ 21 KB
21 KB 2261ms
2259ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/wg-header-bottom-left.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f64f12e5474480f9b66cd6231874622c4e0fbc168d7d9708aae94183f01e6a1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:24 GMT
server: cloudflare
etag: "545b-4e329121e9100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNLBrnh8G7FfJWHHtfubVDKHxkaOlfTazQ%2FEWZjVvf5QC2lsRMUF9EEpyHag7c0vwoRkoYPghLMw4o8sTKXYC1fYnzxcevUBAR%2BDS8h9fJaG8UYb9JqGD4qfikBdWImDQrtYRl8zDLUMTZz6DXUZMg6G"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8efef9bef-FRA
content-length: 21595

GET
H2 200 wg-header-top-right.png
www.wheresgeorge.com/skins/common/ 40 KB
41 KB 1732ms
1730ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/wg-header-top-right.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fe82976b037bfb21b0977871949ca3ecc4602f5b90c2b7c7b322068a2cc5341

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
server: cloudflare
etag: "a163-4e329122dd340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JFGlcIBUYZ0wvVlNB8jLh3KgAVqi2cd98jl3%2BCcIDH%2BuDs9Cnz3epxLQh%2FdExopt2WdcTNq28QijyNrW%2B%2BVavYzD%2FyrcCPV2ZYSPq8GE39bIbTaIFtNdesRK%2BLV%2BFtoHQQq6JZpiW9Bba0Z4guvwFeSu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8eff19bef-FRA
content-length: 41315

GET
H2 200 wg-header-bottom-right.png
www.wheresgeorge.com/skins/common/ 19 KB
20 KB 1733ms
1732ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/wg-header-bottom-right.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b8b2da42e63cfbe1929809bf08001dbc90fb04da686e8f1895c96c2e3476586

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
server: cloudflare
etag: "4d53-4e329122dd340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEuTVZYcIXjY8%2FrRljJuDW9dLbjX9UfAkpc0j5B3jzb2oemyAc4L4wIU1NcYVs5%2FduCxLWx2gXGUkb%2Bh6ANYSm6rFSE%2FGsRUwBB1XDUq4z%2F6yyuZOyBkzQOcd9%2B6TPqcF4bzxnnfPwGCqsVQXvN5wBRH"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8eff29bef-FRA
content-length: 19795

GET
H2 200 glass-logo.png
www.wheresgeorge.com/skins/common/ 4 KB
4 KB 1463ms
1462ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/glass-logo.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a64debb73115b6e4bb5816aad62b1af7c6584b2139d9a2d9480dbf4220561c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:21 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
server: cloudflare
etag: "e22-4e329122dd340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EaVJBi2df2M%2BoLb7oMCrepyEfQI1vIoJ8Hn9QfZwqapqkVyVlJn8PxndbATeK%2FfpHWPkk3kg%2BHtnnsuFq%2FdzXdglbnKo8CFfMC9wWL8GaBihLUVTuj1rpmIBam%2Flj48IeC1fkieOXQ4bMHNKB8uYV9Y"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8eff39bef-FRA
content-length: 3618

GET
H2 200 nav-background.jpg
www.wheresgeorge.com/skins/wg-green/ 4 KB
4 KB 2748ms
2747ms Image
image/jpeg 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/wg-green/nav-background.jpg
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e73d4b74d14162b1d0b2d35585058d806f07513b84aa6cbb2d8e9fa51be9d74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:23 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
server: cloudflare
etag: "ecc-4e329123d1580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2F9p8obj0oa282PJQhsFO9GxLXikZ9K8%2FWTm7oYUW9dPazfyf74ghMMdRUKvfXTAZp0pbGACcRLEG9yX2QqXjSUmKyqdH%2BcMjek7NAlj5kPwccuHw2VUWRg2mTLEVTGUWcLMM%2FjQJh%2F0Jz%2Flkj9HFBax"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8eff49bef-FRA
content-length: 3788
cf-bgj: h2pri

GET
H2 200 pubads_impl_2022063001.js Show response
securepubads.g.doubleclick.net/gpt/ 374 KB
128 KB 22ms
21ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 21:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130816
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 07 Jul 2023 21:44:14 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 102 B
114 B 70ms
29ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wheresgeorge.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

1d3bcadfd8c6c942428d4da05a4f74d77c3ae116691a1b7134edfe6381a2530c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89
x-xss-protection: 0
expires: Thu, 07 Jul 2022 23:34:20 GMT

GET
H2 200 nav-sep.jpg
www.wheresgeorge.com/skins/wg-green/ 722 B
1 KB 143ms
143ms Image
image/jpeg 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/wg-green/nav-sep.jpg
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cc6470204dda1b6135b76c42ed59cefaed8dead87385d110742669f54d4b054

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
server: cloudflare
etag: "2d2-4e329123d1580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGmiIl76ebGokOOmtB0Txcyx6pvGLC0ND%2BCxrWBOV0mLySirwSShBA5c9ktZppPA7egRsvJvi%2FdeXGe7nJwHtmhrA%2FdRXGcqipTWE%2BKvI2NOn1X33RQEym3%2B%2Bbm783cMDPW1142pHSK7%2BzfEg9BZX9hm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e8f8019bef-FRA
content-length: 722
cf-bgj: h2pri

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
20ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1769
date: Thu, 07 Jul 2022 23:04:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 08 Jul 2022 01:04:51 GMT

GET
H2 200 found-a-bill.png
www.wheresgeorge.com/skins/wg-green/ 69 KB
70 KB 2877ms
2877ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/wg-green/found-a-bill.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da4f3b2e0ca2bdad54c77c30fe4e209f95fc88cc5d67cfb42e66c9d0259ac144

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:23 GMT
cf-cache-status: MISS
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
server: cloudflare
etag: "115eb-4e329123d1580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fn6mX0T2RXNUY7iaOvaI5znoT5La1mV5dvz98X8FyokppI26nhj3VSP%2Fhb8Y5qKAQNdDrP3jtC2KDqLT80GLevdTwchPUh9Ot8NFQjzrSChyEqoKAqoOIyKhhNcB4be2ezbu91YcvYsgRmyDC%2BORn4Bo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e908159bef-FRA
content-length: 71147

GET
H2 200 enter-track.png
www.wheresgeorge.com/skins/wg-green/ 70 KB
70 KB 2718ms
2718ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/wg-green/enter-track.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabea06371ff3f26ecf21fcac0c279ae3bd92f787624d3215bc6ba3121c4806c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:23 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
server: cloudflare
etag: "11728-4e329123d1580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NQvhNoezWlcAABBTaj2N95om77R63Pz4PQAAi%2FoC2ApHOxVRGmFLJiSNn0nQBUxnhfIb0ne%2BkpGBTAj5hxeIJ3q0sSDhxcRZcT41X7NEhwYpHo0tPJhoYv0GCmxQvy02t5hZlFQ7xS%2FDgawUWpkRwot"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e908169bef-FRA
content-length: 71464

GET
H2 200 footer-background2.png
www.wheresgeorge.com/skins/common/ 165 KB
166 KB 2709ms
2709ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/footer-background2.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8d71892deb8ef0496585f4d5a5199b23eebcd595b8acf7ddb92009b72e31596

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:23 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 08 Dec 2016 18:17:01 GMT
server: cloudflare
etag: "29430-54329a4ca6140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UN2hX23WJwacandy2IVqrPGWUkSno14vNYsDnf%2FpkhYOnIo8XPxLmQsqff9WoYjMCkwqQDQ0g3juZ%2Fs34E9obFCYKOuwAd%2FedOYxH9pgdt0BIQ6t0NMXJCQMaVjhjIXu0xancl7GO6PgHUB%2BJDBQ4Xbc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e908179bef-FRA
content-length: 169008

GET
H2 200 footer-bottom.png
www.wheresgeorge.com/skins/common/ 197 KB
197 KB 2719ms
2718ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/footer-bottom.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c1d9973ca5c62cf51fbb097b24568a2e8ac42584bcbbb3f3d40db6d5ac7a1bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:23 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:24 GMT
server: cloudflare
etag: "31265-4e329121e9100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aibu%2BJVQX7G5YJhzUyeSVFzcc0DKiHwqKCoS%2BafnwExtNE%2BEXyzkzXXeCwlGS0cyJroZSSPRxukhMADHECDIRxc1E5Z%2FAYwbyaQphLUP3rNIZDny1qa354v%2FEW4eBS1w906qKQI0qZo1A7G2zKs9iDq5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e908189bef-FRA
content-length: 201317

GET
H2 200 hitfeed.php Show response
www.wheresgeorge.com/ 6 KB
3 KB 134ms
134ms XHR
text/html 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/hitfeed.php
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/includes/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ff058a1eedbfa983c9457ecb224f1780a75523d0410d164c3ac6855ae75ebd5

Request headers

Accept: */*
Referer: https://www.wheresgeorge.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xJyHpfVIvkzYJLdvDw1H0qrEytM4Qg8nSlDYrh3SFStG339o1BvoMAK48QHf0HylQBnu8qJ0np1LrZu7FFXZ6u2THeVMLFrMaDDrSm1MQGjtqzewjL%2FA8PAw%2F8Qjvm3zkMUE%2BCKHD%2Fqwl75JvKriHCm"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 727463e9282c9bef-FRA

GET
H2 200 top-ad-background.png
www.wheresgeorge.com/skins/wg-green/ 406 B
712 B 2954ms
2953ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/wg-green/top-ad-background.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7fae18de875f131f9962b002379d31c5b0f33a917be900337718f66877948b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:23 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
server: cloudflare
etag: "196-4e329123d1580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJINTYdh%2BaGlW2q58%2BV5AeZIlt7lB4tuvIn%2F1gjIWYbueGDi7gtchqOnQysNdIQT5lKJ61rGleClUVtnSLWnHq6KM5AyOUVwaCtLhtPT1%2FuctBBIlODCvdJDwYuD76C7wl53vDS%2F7pd9YNm8Znli1xya"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e9282d9bef-FRA
content-length: 406

GET
H2 200 close24.png
www.wheresgeorge.com/skins/common/ 50 KB
51 KB 3651ms
3650ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/skins/common/close24.png
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8731b24cdd3437a8da8618f85194973a5b248ec42a27adaefe618e3257214cf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:23 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
server: cloudflare
etag: "c933-4e329122dd340"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fE6Gq3bT2m9wYXSsAWpRt2aBEYjyzyZFqhT8WikzOV5IpSHSee1FONCPkyPjyS7syvcODErHI7SGWEiBD7BzLg8kHxMH0FcUjI3VLeUPB2PAlliIi0O4F4c%2F3FjwqJlRO8fFoiKhr%2BlXWvbr2bRh%2FjTM"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727463e9282e9bef-FRA
content-length: 51507

GET
H2 200 georgemeter.json Show response
www.wheresgeorge.com/ 58 B
413 B 3695ms
3695ms XHR
application/json 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wheresgeorge.com/georgemeter.json?_=1657236860114
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/includes/js/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf638dc485c7779030c4ebfcedb3a85bde91f647712dd852cb0a5f974896cc2a

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.wheresgeorge.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 07 Jul 2022 23:30:01 GMT
server: cloudflare
etag: W/"3a-5e33f76f682b1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WVaoZGQIsdP1DAuhqYHS2p8FcUzFtRQviuFj1X8V4USK2y2U%2FKQECzladvEtNVLHdTBmppRazETobLi29OZKVbT75bjWKlprlqpdKvvBuRHa70QdKTITq1Hf2i1wJkgiRhLcH4TqoZbTCHmpW%2B4cP0g"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 727463e928309bef-FRA

GET
DATA 200
OK truncated
/ 546 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 191ad33371b27fc1982dd92307fc8961c2f6d8367cbad961ddb47db9e6ebc170

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 65ms
26ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=259042230&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wheresgeorge.com%2F&ul=en-us&de=UTF-8&dt=Where%27s%20George%3F%20-%20Official%20Currency%20Tracking%20Project%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1414071091&gjid=1658744947&cid=526263631.1657236860&tid=UA-1469661-1&_gid=1260488133.1657236860&_r=1&_slc=1&z=1955656677

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 186905-129106728116453.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 83ms
19ms Script
text/javascript 23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/didna_config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e6deb8763f8da9983dc3f1ab5d4376b37292dbd4b7fbd988713ac334a5904069

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 23:34:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Jul 2022 23:31:52 GMT
Server: Apache
ETag: "da3017-930b-5e33f7d92700f"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3493
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 12789
Expires: Fri, 08 Jul 2022 00:32:33 GMT

GET
BLOB 200
OK a2856971-fdac-45ee-b202-e4fa8d5f6543
https://www.wheresgeorge.com/ 564 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.wheresgeorge.com/a2856971-fdac-45ee-b202-e4fa8d5f6543
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 564
Content-Type: text/javascript

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
394 B 139ms
44ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186905
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: a1b0c8f5e1ae97f2d710487ab8ef30aef511de8af94cebd10fc6ff811d1d6759

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 06 Aug 2022 23:34:20 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
364 B 77ms
27ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44

GET
H3 200 didna_util.min.js.gz Show response
storage.googleapis.com/didna-prod/latest/ 243 KB
61 KB 65ms
21ms Script
text/javascript 2a00:1450:4001:828::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna-prod/latest/didna_util.min.js.gz
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/didna_config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 95e3219c1064e6c9213543d8df1ee2981f1b2124160904e6289e83a45393cfbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:44:15 GMT
content-encoding: gzip
age: 3005
x-guploader-uploadid: ADPycdvFFKQWT4B3xpEj44aGnsnv7GcuN4rXw-ylxFrv6_03FH7SgRRBuMMWW2j1668AwchjbH2hREx16yHPGbOCZSogFQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62324
last-modified: Wed, 15 Jun 2022 15:49:43 GMT
server: UploadServer
etag: "8636b07247daf96ee0f31c8071ad03b8"
vary: Accept-Encoding
x-goog-hash: crc32c=O7OY6A==, md5=hjawckfa+W7g8xyAca0DuA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1655308183279329
access-control-expose-headers: Content-Type
cache-control: max-age=86400
x-goog-stored-content-length: 62324
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 08 Jul 2022 22:44:15 GMT

GET
BLOB 200
OK 7e003a98-6fee-48cc-bf34-9f58ea6707ef Show response
https://www.wheresgeorge.com/ 444 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/didna_config.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63204a4366f70331c617799720504e257d997307ac8dbb414c695613aa772e2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Length: 454682
Content-Type: text/javascript

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/ 233 KB
50 KB 67ms
19ms Script
text/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/config.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_util.min.js.gz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c2e6d4960983f94815d55921e87f40d9e4cb01f16703c7a8652fa4561fd4dbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 23:34:20 GMT
Content-Encoding: gzip
Age: 2247
X-Cache: HIT
Connection: keep-alive
Content-Length: 50790
x-amz-id-2: OfL42pcm2l6v8nVqmnHdldWv1QFsDnMEte800JDnqZM7s0NcaNMzkB7hjUA4C9mfVgnnLYmQGeI=
X-Served-By: cache-hhn4035-HHN
Last-Modified: Thu, 07 Jul 2022 21:37:35 GMT
Server: AmazonS3
X-Timer: S1657236861.764196,VS0,VE0
ETag: "1ab7f23cc508e705c62657adead3e30e"
x-amz-request-id: P5469PRYWD2SQETF
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 2

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/159745/4535/ 223 KB
71 KB 75ms
20ms Script
text/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna-prod/latest/didna_util.min.js.gz
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3a039320869dbb5fec283340eb73afcbca4522ba97a738b5eed610d0daad145a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 16:30:39 GMT
server: Apache
etag: "1520db4-37a69-5dd7d18c8579e"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=111694
accept-ranges: bytes
content-type: text/javascript
content-length: 71920
expires: Sat, 09 Jul 2022 06:35:54 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
939 B 78ms
26ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2630069
x-amz-request-id: tx2c2a7f1003e44e2d861b5-00629f4bc7
x-amz-id-2: tx2c2a7f1003e44e2d861b5-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksnsL9fhWI9BrikCPCJDZwwVagr9BpjdY3RNSZhvZlV%2BThUrXLdZD4BZYGFRnfZ2Ou0XJbGTKQVOpnMfXb2Wi5Lpcs4XhytjH84mxK2FUmjMyBwSO7mkQQkf7Xcc9acUzNcOlSjhwSFF6RZH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 727463ebd9006961-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 180ms
113ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5d677122a9b90a2c222c83a3b5b87c66c62724995371c1e70cc563eb18c6f5eb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:20 GMT
X-Proxy-Origin: 217.114.218.20; 217.114.218.20; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0bee2ab3-6c64-4ad3-9320-6d302d0d5d0c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.wheresgeorge.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
643 B 229ms
169ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=360263&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223681b2885f2aea%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.wheresgeorge.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.wheresgeorge.com%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22435aa621090fc%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22360263%22%2C%22sid%22%3A%22728x90%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22360263%22%2C%22sid%22%3A%22468x60%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22360263%22%2C%22sid%22%3A%22970x90%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c15e7fd67144f03060690dc3622989daad64a9c39e825ca30e2beb532b8536

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7N%2Foduxmw%2B4Fk73TL3fvTC%2BkmFaxSpmCdUwFW6gs8e6mN4gRhmToYpJkyQJOuHG%2FAAMw0RBIb8f6anC6vv1pOcVmWIooM9xZssY8nEF0VbcLoE9Yqp%2FSqoxFgB4ADQiWAU0RQfb"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 727463ebfd41693a-FRA
expires: 0

GET
H2 200 arj Show response
didna-d.openx.net/w/1.0/ 73 B
384 B 100ms
41ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wheresgeorge.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6daadd74-527a-4aaf-a3c7-d1c3b80bffe4&nocache=1657236860726&aus=728x90%2C468x60%2C970x90&divids=leaderboard_1&aucs=&auid=540256503&aumfs=50
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 5391405988a0a888b723140b13d61c647396d79142f5f5cdfb024da6866f5860

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 258 B
1 KB 246ms
96ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238888&zone_id=1178360&size_id=2&alt_size_ids=1%2C55&rf=https%3A%2F%2Fwww.wheresgeorge.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=6daadd74-527a-4aaf-a3c7-d1c3b80bffe4&l_pb_bid_id=10314a4cc92236e&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.414719156870464
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ea26541328e32b6c464911d166b8e8100b2b0992260d6937a0a3ade3b677ab32

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:20 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.wheresgeorge.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 258
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 124ms
31ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d7077300fa&cmd=bid&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: f9e8d20ef12326ef36bf564e60235ee70cf4e754e2834432286acc954884e983

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 124ms
31ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d6b9bc00f9&cmd=bid&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: c6c0b4e21c6124aad5592c58586d1a7941990662a9d5e896e564eae1ad02d4c9

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
296 B 121ms
29ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d45d4400f1&cmd=bid&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 5b4334add6dee04212cda4a51a60a525eb694b2934108b340a91839ba913a6d7

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 62

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
280 B 89ms
29ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Thu, 07 Jul 2022 23:34:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 4
vary: origin, Accept-Encoding

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
120 B 347ms
174ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Thu, 07 Jul 2022 23:34:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
581 B 108ms
47ms XHR
text/plain 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=360066&u=https%3A%2F%2Fwww.wheresgeorge.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZ%2F87Z7uWWAcNCf8AnEh8%2BSgS8UdKhNb9J3Dm4GrOKGcHG3eFfoARF4AC8et2lf%2Fm1Q1oddZu9Wb%2FzY0r08zWdiDr%2BftWpLIkBO3TOyK7WB2tq9OCVmS7HW35EuneuAiA2GWIvm%2FHI0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 727463ec199e693d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202207071418/ 202 KB
65 KB 19ms
19ms Script
application/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202207071418/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/MbZTQS496EB4Sd27ILU4rbHXnJ8/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ceb3e21b12cee2d7b06c11af67a1367200453771fc881522a6715e9791ff22b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 23:34:20 GMT
Content-Encoding: gzip
Age: 557
X-Cache: HIT
Connection: keep-alive
Content-Length: 65838
x-amz-id-2: 7YGQp4leUQAiOo2k4ZpMLpDFhkovf55UYtecj9kaDOFoPRjVJuG/go9MDW1mSmSgdN2Red7dgqw=
X-Served-By: cache-hhn4035-HHN
Last-Modified: Thu, 07 Jul 2022 18:23:52 GMT
Server: AmazonS3
X-Timer: S1657236861.810674,VS0,VE0
ETag: "f4c37d707ef7f62f1349c31a7d55a10a"
x-amz-request-id: YQHV3WVT88SN3B1C
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 921

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 65ms
27ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2618491
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx0cd42535538f4d9eb47e9-00629f4c35
x-amz-id-2: tx0cd42535538f4d9eb47e9-00629f4c35
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKowJZLjCoQodhSuFpJQaQHh%2BcBPCS6PvDPIrFRwowrCklD6r%2FNU1Y5nr15gjRrvi2AThA7CYUQ9dMIDE3EGIHdBJctY94ssW%2F6R5ot%2BzK7lXJUPiaT760epgiCRLbO99B30k8pHMl9WrwDm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 727463ec48cb9101-FRA
access-control-allow-headers: Authorization

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
64 B 226ms
176ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Thu, 07 Jul 2022 23:34:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
314 B 134ms
134ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=360263&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2223a96a16f01bc24%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.wheresgeorge.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.wheresgeorge.com%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22249546155245dc1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22360263%22%2C%22sid%22%3A%22300x250%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22360263%22%2C%22sid%22%3A%22336x280%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 256f9a6884f0fd687db14173b1e1cf16afd2a304c56765c8bb9a29e931522423

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3HtVqmNu9J84L%2FK%2FdxTDLm6uVFHsr4S54egJfij26rFvldUCi0K4dF0Aojfu30jAd%2F9dnXqAZ0eZwta2zZA%2FpAvou1Za3C%2BdY4GqYbB1J60bMXcFTTgjVt8iOfmcpgHAu3Hr7UM"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 727463ec6d9b693a-FRA
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
133 B 31ms
30ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Thu, 07 Jul 2022 23:34:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 5
vary: origin, Accept-Encoding

GET
H3 200 arj Show response
didna-d.openx.net/w/1.0/ 73 B
101 B 58ms
38ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wheresgeorge.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b1401fab-9ef2-4466-bdb2-1adae9ec4cec&nocache=1657236860858&aus=300x250%2C336x280&divids=rectangle_1&aucs=&auid=540256503&aumfs=50
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 31fa6af9ec279ad519910e41fbb5501723d92e666ffcedf8fff4d3b3c12c5dae

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 155ms
112ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

c8897a51c3ce73549ac19113a25c117e092efff90e1233adfdad32376bc86f67

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:21 GMT
X-Proxy-Origin: 217.114.218.20; 217.114.218.20; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f7649a81-b705-4c90-a375-184d46038c39
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.wheresgeorge.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 31ms
31ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5067700f3&cmd=bid&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 89db7a5e9d6bc7ec69055c53c5f85653706049ca08ee1bd50fb1d79235143152

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 31ms
30ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5637f00f4&cmd=bid&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: a00a3d74bfd9bf4d11b571bc44134fcf0a31b0a98f04170c89c526c080eeffd7

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 62

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 211ms
106ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238888&zone_id=1178360&size_id=15&alt_size_ids=16&rf=https%3A%2F%2Fwww.wheresgeorge.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=b1401fab-9ef2-4466-bdb2-1adae9ec4cec&l_pb_bid_id=36b3adfd00cff0d&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.6678599273094814
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8fe64f1906ce3be87e4b02b102a32afcfc77fa567469efbdb60f63cd7fcb38ef

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:21 GMT
Content-Encoding: gzip
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.wheresgeorge.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 2412
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 255 B
1 KB 203ms
97ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238888&zone_id=1178360&size_id=9&alt_size_ids=8&rf=https%3A%2F%2Fwww.wheresgeorge.com%2F&tk_flint=pbjs_lite_v6.29.0&x_source.tid=8cae632c-e19e-454a-a4dd-4d373cba621e&l_pb_bid_id=3899198d86c09ad&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&slots=1&rand=0.20224891863130923
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ea16ff7bf9ef54f0834c960fca035b7187ec55fc4524c5a70c6afae2f81b0e29

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:21 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.wheresgeorge.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 255
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
314 B 132ms
132ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=360263&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223966d6f5f83a726%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.wheresgeorge.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.29.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.wheresgeorge.com%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224057cc8d500715a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22360263%22%2C%22sid%22%3A%22160x600%22%2C%22fl%22%3A%22p%22%7D%7D%2C%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22360263%22%2C%22sid%22%3A%22120x600%22%2C%22fl%22%3A%22p%22%7D%7D%5D%7D%2C%22bidfloor%22%3A0.05%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22at%22%3A1%7D
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db0310fb3082e3ceec233b5bc61a72cfb06647514f06a22aae6b857d07e91b79

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQqsatd%2Bt8hYW%2FUil7G653JdD1p3qA9ciTUEx6HYphI6LoZfc9%2BjfJ%2FK8mRPAHENVQjpy62oPYxCylIBdUj%2FBZ0xpKNCC7tGcBNurk4gg0tPZ1y2XI77hk37kfwttkm6%2BK59DFju"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 727463ec7da2693a-FRA
expires: 0

GET
H3 200 arj Show response
didna-d.openx.net/w/1.0/ 72 B
100 B 53ms
39ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://didna-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wheresgeorge.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8cae632c-e19e-454a-a4dd-4d373cba621e&nocache=1657236860864&aus=160x600%2C120x600&divids=skyscraper_1&aucs=&auid=540256503&aumfs=50
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 20d76b987a91b2e8fd71d72368d259c79ddfb1443b10c415944ca5a5f47bc0e7

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:20 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
131 B 31ms
30ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Thu, 07 Jul 2022 23:34:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 5
vary: origin, Accept-Encoding

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 32ms
31ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5ccaa00f5&cmd=bid&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: dc9873bc59ebafd842a188266df556dfaace2a0ca646c556e5ed09923551bade

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 29ms
29ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d6092b00f6&cmd=bid&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: c651df74bd888f4a06287871974f33dc00a6da4103e937dae5b9905254efb474

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Jul 2022 23:34:20 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 133ms
86ms XHR
application/json 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

1341e417b9eb1f94da0c9e3dc1a880b77195e2e0da037c3adfd99adeb55673a6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:20 GMT
X-Proxy-Origin: 217.114.218.20; 217.114.218.20; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ee1bfe46-215a-4519-8a33-920dd49776bb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.wheresgeorge.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
64 B 217ms
177ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/7e003a98-6fee-48cc-bf34-9f58ea6707ef
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Thu, 07 Jul 2022 23:34:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 115ms
28ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wheresgeorge.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 23:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 105ms
30ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wheresgeorge.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 23:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 389ms
389ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=908605324964748&correlator=2171096227171020&eid=31068364%2C42531608&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=170737076%2Cdisplay%2CWheresGeorge%2Cwheresgeorge.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C468x60%7C970x90&ifi=1&adks=1253105972&sfv=1-0-38&ecs=20220707&fsapi=false&prev_scp=auid%3Dleaderboard_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse&eri=1&cust_params=pub%3Dwww.wheresgeorge.com%26path%3D%252F%26didna_version%3D4&sc=1&cookie_enabled=1&abxe=1&dt=1657236861132&lmt=1657236861&dlt=1657236859553&idt=822&biw=1600&bih=1200&adxs=437&adys=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.wheresgeorge.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=969x0&fws=0&ohw=0&ga_vid=526263631.1657236860&ga_sid=1657236861&ga_hid=259042230&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

bb39bebbd7f4e85e246bad334c010af4b9c79b577055082afe141d2266bcf53b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11786
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 775C 6 KB
4 KB 117ms
27ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:21 GMT
expires: Fri, 07 Jul 2023 23:34:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 110 KB
40 KB 415ms
415ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=908605324964748&correlator=4000895870694500&eid=31068364%2C42531608&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=170737076%2Cdisplay%2CWheresGeorge%2Cwheresgeorge.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C336x280&ifi=2&adks=3345730538&sfv=1-0-38&ecs=20220707&fsapi=false&prev_scp=auid%3Drectangle_1%26adLocation%3Datf%26didna_vis%3Dtrue%26hb_format%3Dbanner%26hb_size%3D336x280%26hb_pb%3D0.05%26hb_adid%3D5492cf93e9e7e42%26hb_bidder%3Drubicon%26didna_refr%3Dfalse&eri=1&cust_params=pub%3Dwww.wheresgeorge.com%26path%3D%252F%26didna_version%3D4&sc=1&cookie_enabled=1&abxe=1&dt=1657236861146&lmt=1657236861&dlt=1657236859553&idt=822&biw=1600&bih=1200&adxs=946&adys=812&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.wheresgeorge.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=4&ohw=710&ga_vid=526263631.1657236860&ga_sid=1657236861&ga_hid=259042230&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

a8a7f3a4e2585a36bd58dcc79a55c6d1457f42f10ee04e0c74abc36451a08686

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKXKrrP45_gCFYwx4Aod5SsJZg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12359673423906974817/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKXKrrP45_gCFYwx4Aod5SsJZg&gqi=&layout=/sadbundle/%24csp%253Der3%24/12359673423906974817/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41184
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Thu, 07 Jul 2022 23:34:21 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 375ms
375ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=908605324964748&correlator=4062487583131663&eid=31068364%2C42531608&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=170737076%2Cdisplay%2CWheresGeorge%2Cwheresgeorge.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600%7C120x600&ifi=3&adks=1561093687&sfv=1-0-38&ecs=20220707&fsapi=false&prev_scp=auid%3Dskyscraper_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse&eri=1&cust_params=pub%3Dwww.wheresgeorge.com%26path%3D%252F%26didna_version%3D4&sc=1&cookie_enabled=1&abxe=1&dt=1657236861153&lmt=1657236861&dlt=1657236859553&idt=822&biw=1600&bih=1200&adxs=350&adys=491&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.wheresgeorge.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=60x0&fws=0&ohw=0&ga_vid=526263631.1657236860&ga_sid=1657236861&ga_hid=259042230&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

d611b833acb1fbb29c03f25d02ad3e18fbb8ef97cbbc42a99fbcb816319f608d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8434
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 575ms
185ms Script
application/javascript 35.80.221.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.80.221.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-80-221-146.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
cache-control: public, max-age=86400
last-modified: Thu, 30 Jun 2022 07:18:49 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 76ms
22ms Script
application/javascript 34.102.146.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 23:30:11 GMT
content-encoding: gzip
age: 2505850
x-guploader-uploadid: ADPycdtRROVMB1Y4ufOoKpRaa8Aj30ws-i_gLpPsYsoBBK8qVMh7tUqyXlZMR4emF-rICo6H7QWi69HyZct1p8JXIxvO8Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation: 1622140251693895
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 08 Jun 2023 23:30:11 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 43 KB
12 KB 85ms
22ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

571cc1e3b9210a3e1da4b1ac7292fc391da3cd6589310619cc597dcd8e22a853

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:33:00 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="esp.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 12035
x-request-id: 872548028

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 68ms
20ms Script
text/javascript 34.117.97.210
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.97.210 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 210.97.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 65fdbffb25ba308ac10bef5f501539fc954abd0aa7d524e3d9c03e552eb90d74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:24:38 GMT
via: 1.1 google
age: 583
x-guploader-uploadid: ADPycdv3ZTA26CfX_ute7Y-SCDwxSU9Cy6DMMQSOnoKiOjdD7mpvqGz5IJ2ZcVXzOg9Vebr_06ufHcYl2lmPulI7jB5ufo-Yltt8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1179
last-modified: Tue, 05 Jul 2022 12:17:24 GMT
server: UploadServer
etag: "6bbab67fc4241ecd088b77dac40a4d99"
x-goog-hash: crc32c=1U3nCw==, md5=a7q2f8QkHs0Ii3faxApNmQ==
x-goog-generation: 1657023444625321
cache-control: public, max-age=3600
x-goog-stored-content-length: 1179
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 08 Jul 2022 00:24:38 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 127ms
40ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

131c05e477bf8353eec219f9f266b5ee87a1b9fbe74937c3950ed1377ff78e8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:21 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 06:23:34 GMT
server: nginx
etag: W/"62bbefe6-9d48"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 08 Jul 2022 23:34:21 GMT

GET
H2 200 uid2-sdk-0.0.1b.js Show response
prod.uidapi.com/static/js/ 4 KB
5 KB 361ms
114ms Script
application/javascript 3.138.210.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.138.210.41 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-138-210-41.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:21 GMT
cache-control: public, max-age=86400
last-modified: Tue, 17 May 2022 17:30:07 GMT
accept-ranges: bytes
content-length: 4559
vary: accept-encoding
content-type: application/javascript

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 27 KB
9 KB 77ms
22ms Script
text/javascript 65.9.66.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-97.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb33b3b2fa42f7695238fb0adc21dfd3d85b93402dc9d6997d645e4b7780245a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 13:10:16 GMT
content-encoding: gzip
etag: W/"9dad6de292defdc88b233f5b2a2694fd"
last-modified: Mon, 25 Apr 2022 17:47:23 GMT
server: AmazonS3
age: 37446
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: -2hS6Oeb5hxKC8ZjUhCrs6Ju62Bt9vHXjYUkwb8ceqa4SWxITUZnVQ==

GET
H3 200 container.html Show response
d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9049 6 KB
3 KB 62ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202207071418/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:21 GMT
expires: Fri, 07 Jul 2023 23:34:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C52F 6 KB
3 KB 47ms
21ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202207071418/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:21 GMT
expires: Fri, 07 Jul 2023 23:34:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FDD 6 KB
3 KB 23ms
22ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202207071418/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:21 GMT
expires: Fri, 07 Jul 2023 23:34:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 encrypt Show response
privateads.rtbhouse.net/ 202 B
219 B 74ms
34ms Fetch
application/json 130.211.29.253
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://privateads.rtbhouse.net/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.29.253 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 253.29.211.130.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: dedd8e1414987010bb2a298eb85c0cac71493b151e9583c3d11c1f9e14c604c4

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Jul 2022 23:34:21 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 36f54a39fdd968f159229baaa8552558
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 202

OPTIONS
H2 200 encrypt
privateads.rtbhouse.net/ Frame 0
0 96ms
33ms Preflight
text/plain 130.211.29.253
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://privateads.rtbhouse.net/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.29.253 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 253.29.211.130.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.wheresgeorge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://www.wheresgeorge.com
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 07 Jul 2022 23:34:21 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: fffca914ba9b644322e8aced6141af81

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp&cc=1

85 B
103 B

145ms
125ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp&cc=1
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H3
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 4b059f655cb3ce0e5922c5e3a89ee354b0f4e2a00100fb6342deff54eb95f50d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:21 GMT
via: 1.1 google
etag: W/"55-1y9OIHeXJRqXr+49nJEzCxncOSs"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 07 Jul 2022 23:34:21 GMT
via: 1.1 google
access-control-allow-origin: https://www.wheresgeorge.com
x-powered-by: Express
vary: Origin
location: /esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 20 B
313 B 136ms
42ms XHR
application/json 54.154.180.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.180.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-180-162.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:21 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.wheresgeorge.com
expires: 0
cache-control: no-cache
x-server: 10.45.11.186
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 20
x-consent: absent

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E624 624 B
974 B 81ms
31ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNU-iU4gKjLuBNKjgq0F6wB0NaSkzZtxkK_iyznWi9hEVAH8RAAVK7eeRc-h6e5eE-MKCg5jAzUU-Q4Lme0-2wZPnnDs742ToXKd5wA9hBlrMfsDevj1JBCwrX_4HRpxe84BTmMu-9KqPsLwlWGARvuzjdhIeRleGHdXaTZFyfx_AdpKDeY

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:21 GMT
expires: Thu, 07 Jul 2022 23:34:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9049 14 KB
11 KB 100ms
52ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ce5c4tjS_IgNc6P2o-tdjpWuRGkHPG41Gz9q9Ev9uSlbeNoZ5gUjGThjY8TGpXOxWLS48zyC4ddZz_3R5LEwW1XfV8BuLfzNZNUsvnEb2McX6c_AGgf5fNFYpqWMmSLTtaPC7E_gZdR1kn1WTNaMMumpZJVw&cry=1&dbm_d=AKAmf-Ac_KdClNwtzd2o4GbvzmqLUQC3iRuKEY0bKAQv49ji4-VxRQHWg3GwDNJ0bukcjBhUA3Di0B8fBV2sNUatv-RonsUAxMwg-SM6gH13gOKQKodfYiNyYxcSbE4Ee_T2SC05AoPfzU1IhLLqhSiltP_xkk9VSu1gwvYLwvR90frayfmUXwLH1dUT2HRrIkSCi0MMZ1vLcztYb6loBIl7lJ2AWZyuHCxfBRfUS2Edh1_h1jg-JtD3PK39SM_BCi0ZglWd59VHxRELXpiBnOd_7x6QsaZZHCOJNA4bD95crp2oUGh2znQtDhvwUbHiSJcnYrMjEiiaZLwYZtuQSpbzlbexNgYudeece9i7Ewd_Lc2dQqDYYWsO6O-IFe_2H_kI3EKBiQ6pGorxpbwYkArTIIy1SfPomsYPWpSdhXtPRkTPzJamDiNtyuSrE9QrePz3X8LvP0ucEuZReMjBlves7FMcuCdGdwmeqRzKT4Vm3dY6nX9G7RQqsAdItueglLSkfouQRGJHSpiXlaGnGwODDEaYHvocfXX565Ca7lEQUBXClt0IIS2yr8UTLN4WlKyJEiJx7ydgx6zCtXTc36JsLHY1_OwOxYHms5QSKyCDtTBJDQ9Zkk9egOGsOtZnQSPH7HAXp0-KSM6Go4r95wFUmM9laC64qjhOZkWx2PJk_52jw4wG3oQuqViyrLABrJchDu8cgpYjhGNSaCgjAvRk3qyNefKVv1iZwoCd9WShDjmpghA7cWkNODkD_lGXz15suzYRXuHBZlqJD0-Xa3l-0JFhZUMiB_beDyOSaxUl_iUwUxeC0PvqnuwD5wcwGoshP0BY4Wr-GNMb28dsUOFnfCvehVqjHMxsOHMXqw7BIF2y1KcYX1KoowqYlqh2W-oXxSH7UjNfh3GC3sjs_PGQeuK9PqOSix6MFuljSGfoh61ARC9KNvYjGoYKrTsBwRByKAetOTfWg6YCk-eMLagcRzP80zhcSgCyJF85WJ7qi40EYl6yextWTPLWbUw7RTPNBDEzf2GQLmH8rK_6lVUHdAafoWTyaNflFX-M3nqzF9ho63fCYEfqYcSmxPSKlEkMAQ3lPLtDpdQnE0_DDlnTHbF8xAR4-9Unz9HDVY6OmGQqMQ7eoGdceqm2DF41sJfGBosAXXld0VQxDTXicwnbhYRgTlTlZOkbF70_zZTm5C-3lv7Y6luytmYEpkItgkaa3kSkYIyEBDV9AY5J4xxcFYv9qd4WlqdAdVOWLxs5-gHVj0q-0wGCLCVkseNc7F_O5xdskiA4kwva44QBCEX3b1ZJ4eW9mvUCfz377t408Y_u9ow8xkKZ5quXIcsUxU4n_95hYLQ5Vrm-ApQLDqOcXsk81Bnkz2rQSCBMmHBd57cTr_5lxEbweqRWYycGajp8iq-yFTFV5YTUaci2mQ-LQTnHaWIMLp9N5MkqNBmkApxIM_4B87pbLoER9RA7W-XwqflPZJtB0BkAFmYJXDjJeDQWLC_65IYmXSQJSLoPbI6ZToTA2R4artOjOzqg-Fn56ydasbc3-QY7P6isvZvG3PN3J_POpycrM8QSzNMxGUzD_3VvMW5s9oNAgnXO__Lfft6iSpKZD0MQj_HBX6EeQkfjpcEEbm49wvV5DyXdKJfA_tnZr5vceLV--qZ0WTufifE5bEEUURirlIQE_woYgHFSjtFQtxuPi4TDgUdqLUsExAWo7LzmuJxrtA1z7PrYDM12WpT-bkB5sgtDFY6hZ3S_NOMMxN03yTuhfsJAiNG2PqyN86oeTODMDg5Zzq17VXChMBz6ZKsdNVDz6Gw32oNxwqVj7ufPIO4G1TRGoNKh9btuMM8g3Ya2of75VkCm-1ijxHrWU11m4ntP-2sUZ_2FtIDdQKESV2R2xo2gcz94PQpHxN9CbAR61lSEGmxXRn09LheqFEw7ucMSIKba7XJLWmuqywtUtXffDpkXcL0ixafuf2yi3w81_J_RhOYSZUONhsXIwyh95Y5xCCW4lqR0ISlYr_VI3r-hcvsn2zAmDHObjfgAsjsttfMNnn74MMXXedAVB9fa-3Pv_0stHvaRydgQaRIqQVcYWAHRFEPpkfH0DQ3xOX4_HFXI1ZjUWRHq-dPEjbVT7sp-zt5XdUAiWkvt-hZ96_SpWy8la_Bs3WcYPPX7Jnr0yqGV3RPLB4Ou_IFbd3GUaTxRoQRYErpUXvVFJ1XVGc9travNCCF1PQrQHK5lwBa4yvVLwB9tdwtBwcLOgDRbss3nGFss2zooDfvqfCgkRBM4p3wopFtgpbu-BMFvLQVZbHRnDV3CRzGiaWg1vnTlXI7A6mCNqP7CWvOuRcQbe6Lu7tjV0ol31VYzRdVuH36pt_tM7z-8wFLlp7DyqwrBcUkjKgdXIiu-PcHg7hZReblLMC-_-_oNBnWRDkHXl5UHBbk0pG0tH-xy7-PYnO_pkJkpEYyifaZfY6bJKh8fqJM2xPcYnI4LxEf9-PmSEh2nkMx2cpV2soG2p0UxrWWqp9n9bbGxYNJvnjS7CndBmvp8zoBDVKhzTOQVwhYrSJftRPgOemcYlYvsdVkCs6n9uzB1hT3QNKFb7FTfsItEVYZEDT9VHbVh4HvOPUHJ8pJZ_idkO-cryQCUT0rp2d2wVMmlskAPi5mRf2gv9nn7ZA6p8_esvzQ2PFpqKJ8yS7YKTVBsgDZyNpYd9Oo5Dp3TWPtg-2RGHXX3lT13yU3ODwO9OmJwYqpmCyRfZWU&cid=CAASJ-RogGsKXvHEsUAjGb1BRIY8MKKyOBs3N-lriwmygELVFDvXzG3TSA&rfl=1%2Chttps%253A%252F%252Fwww.wheresgeorge.com%252F%240

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a5aaf331d518d87b28886674397a0a1e6af458e794c17950f8eebcf28bef136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10791
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9049 42 B
107 B 116ms
53ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DHkrNKlqQi_PdENjcJBe_BTvb6cr6XDEWH-tHc3xjp-5SRPn8dtcEX2msdQHf4zch5P6iVpUVCtYVJpduMFWI1ZkIigdpYeiXjE5doUrZjm7xkAG0

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 9049 2 KB
1 KB 83ms
19ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25719834&cmp=27916106&plc=337305812&sid=5829972&dvregion=0&unit=728x90
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 23:34:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:37 GMT
Server: Microsoft-IIS/10.0
ETag: "fcf82911d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame 9049 3 KB
1 KB 87ms
25ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/window_focus_fy2021.js

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 23:02:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9049 137 KB
43 KB 45ms
30ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 23:34:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame 9049 17 KB
8 KB 81ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:04:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 23:04:25 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9049 0
0 74ms
27ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRn1EKCvJxVLm3Bs4KR5LpnGQrofSpHoq8OkKp0bmGy39XbInjDyKnyV0W-UccdoZAS517ZBTYiFhwwIOMgHmJDeqIOFw
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 9049 68 B
345 B 96ms
25ms Image
image/png 3.120.67.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_TWJaVFFTNDk2RUI0U2QyN0lMVTRyYkhYbko4LzIxNTQ3NjU3NjE6NzI4eDkw&v=5&s=v31g7dg7cpe&id=eyJkZnAiOnsiYWQiOjQ0MDI0NTQwNjUsImMiOm51bGwsImwiOjAsIm8iOjIxNTQ3NjU3NjEsIkEiOiIvMTcwNzM3MDc2L2Rpc3BsYXkvV2hlcmVzR2VvcmdlL3doZXJlc2dlb3JnZS5jb20iLCJ5IjozOTEwODAsImNvIjowLCJzIjoibGVhZGVyYm9hcmRfMSJ9fQ%3D%3D&sb=undefined&cb=5313954&h=www.wheresgeorge.com&d=eyJ3aCI6IlRXSmFWRkZUTkRrMlJVSTBVMlF5TjBsTVZUUnlZa2hZYmtvNEx6SXhOVFEzTmpVM05qRTZOekk0ZURrdyIsIndkIjp7Im8iOjIxNTQ3NjU3NjEsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.67.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-67-34.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:21 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 950B 624 B
559 B 40ms
32ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJ_m8s0BMAE&v=APEucNVOZbFRGhvq7B87J2_Z-lKm3TF6zfDH1MfzRjYVkwNbLfdIAfGssaoWO39Cv46dYGPRZn3loOG8-FF60FjBOmIfNi94K38zrx11dRDj6_TMP1UXYLVvy0s4VEoFu2mnwuaYDrfUWacRrs3PyzdsFGIqvX05n28z-38XjRkL_VYu3oKdRbg

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:21 GMT
expires: Thu, 07 Jul 2022 23:34:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C52F 86 KB
34 KB 108ms
102ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BcLRm5I7QttuYT_O-rxeFFYGzTlCtjAxNv3pHvfWeAIHud9JMXvPk1mIA0tmvWbrsZGQeQytIOskqP2BWYEv6so_85ZougIWKkLnHCgHD8d6d_vrHmntj6y2Uuy-h7kTss3jo8Au3uOfscLdJ6P1NLXvDDyw&dbm_d=AKAmf-Cbf99FoOi8OVC-FBSuPYz-rS5Jsw0RqptZi0sLq7fOJRTmkbTamysm4-aYBKC93vH1zWeCmV2Jlbl9vzV04b-yZPfnV1cUoN2f559WV6yps1B_MZcq2Mk-EDeAYk3qsg5CTLpHlP3FzdfsZf0ONPEf9imDoeHY3QcRFly8gshtjWi0-90unF5IALujGUvItskw9xYPNX__4Oni18iyQyZppYy2eLwBoPeQy8n8QnNH9vsOlT2A_1FYs6gx5hsMOYxmxliM8rjaCGSWH-A3mYGe2WLUtYEjMaN00Qp1JOv4OnDYvhUXVLYxtmMaKi-6ILyR_0M8DNhkcXCoD_4HLYQ5Z-QmXC912rDFywg5aF6hfSbo55eTNcbgZA9TFptPOGqO6o6kKrcUwEsYPe2kVR2BvLdQCtLRtiOauqZ-6Vho4z6V763--ccegPF-0FkhNXOmjc4a_5llGTLZXB9IktZrAn9aul6bmp8rcFKFmQAxudRd6G0OSA-JQgp-g7Nc-_kJCsjGfRZE7nHIM8vplRju3xjCGsEOGxLUlKxwajmF8oOqET3-O59IFipi8nwuB3zd2ZiHRkfGdNvKo6vCaKWTfZDmES96sWfcXNNiPJqwMW_kEQpUEpsux1_yn0MCHNCb4ZSmsvhwiRa5qm98wwuTC_BStP0SCcTJYpAU-u1iqfMYthNAYf9u_hYYF0j0PZSUSPpHnGexrxn9uh_kjwtDHPnn-ljCah2Tov3mAuhFjIlShJ2-Vzf-LOuJXhBAzmaeHNS0PRMEcqbgZqwrxb1kwrxXzFc_7jXULE254gqxTpy8yk2U9VShOAp7aTSD2tIrB_yfKI0jy76JyOeo7BpeEhm4ozQ4STMZJ3wXAz9ll7nqMTEKsnmacFNgZqLnsVRVve2Sc0Kddg53GVs7HCYCQtUHttEwU5CUJaK5I3qb4xHdf7_uRAXfXRZWNaHWzYKpRX_etAZt7RtfOXvV_KM1X8a-peSaCCZEzfTshVkKFRe7lyOxOflWvQJfJrqiZI8A-968YOD1reaOma_XPuDDgCCO-blC9Mu1AbV7IrO997Isk--10FlBltvUsfuTCQ1lkImoNaxJ8jS8dX1cGIyICEJg-WpIOkRq0pswT1kZbBApxFQs5H9f8RVmvPDlr0eOZEaRbSZuk-SiGJV7ew9pBOjJsTloOOy4nGqCkYTXiQxgZhC1fqPSOgkXkCWvC8JJ5CJ8jnoWDZWdDOnl2iJ4iaYdjJWVvz77CKHrPMZ6IophHwfAOBVV2kTZJQX5Z5SFFZTyQHZExj0mGjutwO3Y8s47raICYEakroCJjLDbTl_3cwNRzF-to59XwBUZGZnSI4_9ThCPYpD2sLZH0j3taxcwJ3Ww25gxZxpqp9Ijji9NzrIsCPrkwmGq_3VCxMkpCloFyGdfGn30Yx0aUJQPYtmjviET_0Wie92SLer3lGemW2OMn8d01LO6QTv5GrcdSvUlCSn8KB-vl-5qw3TiqphUFhTzWQVK4ZBQVgj5nAvNz4u6a73EdnCj4_H2FIHRniQbu6x5VQM5-YtSmxOV9nX-0FuPBp5CmBY3AvaLRvupM4STxef4d5rSLVoYH4yIzU8z4M60Sm8I0QjzkSv64Jg7IojDlLEBEhhhvDqf9ZC85xjKV9QEsU5Zr0l6e1VfGGamQ3UK85iAGmOAOFrp0W6tpGH74IKiM__LFB8RMDcgAAdewLhgCtJzBkm8OuKFRVahlWBo0cSy9DTnL1gx45pC_C_B5ql9WyQ044C6xnxTdAkkfHbBpd4j_3svzFKVIhP_ZJG4N-HanVAKLXJwMUyF5-YR0B6tGRK7iPY0r_LukVJ0caxIyqg9EFb0LQO4kITFiOvD42gbMdmZNLfr67QE3kcqoFs1yzKqaLMsmBRVKPlcuyJs4SqeS20sMjnoenU1epp08B8HOCACsmk3rX7YPHNEyeL846X3N28gC7p_l0XPn9bcKYjUWsbgfvOvte4e4L6k8ppPCNjwYHxBcHkxXXY8y_PulV7k2F6JV17YyZ5DlL_4_ipARjyblAodie6IpqyoXl6h78cwASC6MmWdvvklOfnyyDAyGAcxbZKTd_XjF_dNmt-SqEEqQKMcyXKiCSHp4zhCxbQaZqBSGL7XkkJX7_QyrlPtge4z9zVYxIZG6SjD-brsqZDJo5o6suYreESAMeD2QL16hDluZ6E0RQurDQI-rMDdmg844oifl9ofhgYPBplj6B4C_8xFIxwc-IFutDFj-JMjLS3P4S2mlfl_CFPCxIQDm75CxhGus_dROvwWMcXls_Cr4JWc5GwV-O4g-Cb9kkPlmwILKiopECDdAC1Lxo-V15-gSDXmGKy8cY3KJpKy75qCyaPJYj-zH6w429I39RDAPPw_ObWgPC-oDQG-jj9KeeThQzE1cBTIRZKH6l0772NvHAI20xk-g9zs0UK3uDf1LMYBvfoGuEoFMOnYVJVvL9WnXVsU51W8Oz-hnyf3TD01HlxdUEKjXvy_0HORe4mbmmQYc-DVKoai13LS6ztNt1EMmzRKDCe9Mvfs5lCkva2nyM7ne7hvSql2TKrv6kJuNqTbTkJ7rBprS7t30WJLRBwOL_pa4UW4AbjvuwvQFZ5NF7GFxpSLe_naxr91ttal1PaZk77A-kF08TV5qk8DPuq95bzndsCumG9b4SHzxraw748is33uDmRdM4UednjQguUpRzC-sLH5hitv5srw2sCKA6YCIw0MDujdAoKmAkTs6A0dNJqipT9MtrViy-7FaRj0ltahZqAqftXClozFYSGY_4FHtsBOp8bEngYUbqEU50DwIsl_olx5ZeaPWWWtljTKzLZWszAnYNJ-WKu8hWvZAa4Q5cJvCyXGm-7mXSTDKbWRNTqPVYQMPrWso7EYn22zDFR2I9j4qYEUsFiZ7L-nlK1dXUdEJBP5evfraeV_i9hK3Jgjen5n32dCtuPk0MfhZHUikVYoVafjBEe6-yHdZBTxtC5ugHAgKmv_By36iAhvjl17SI4HJ_xma4bmO5dorVMVic6ktf-L251DajVhM30PKFXReK1xfyU0f6e3D589uLM7huAmly4zURWROjUXB-YFZVunIjTuUsxSta3g_FnCqtnfAiLZpAUhAoPGstgjocMtPj8SxHLBBD-s9pBIXAEGFeic7YL4cwtp6vj1NaUcfxnaRka-I2xqpDYQn_MbxxBtu-fYb_Vh_MqbZRf49YhF2evG_OMXDLVH0pYXP4wEtbGeyLquzjxQQialJdc_VKDbQJM2IRKhVumIARQfAO9nWw&cid=CAASJ-Rof8RtOeaxqguhTxYoBAQd3sSu-BBnOm1YLp4l5eYfXuFV9YPU8Q&rfl=1%2Chttps%253A%252F%252Fwww.wheresgeorge.com%252F%240

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07e5a182d358978ed8a0e16bed9ab005a27721c77556120af4dd02f0d35a6597

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34198
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C52F 42 B
494 B 76ms
53ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DByspG9gswKXUqhpNVgV73500Ek_byJ831QYDCIXOwP1D_GtNSNSlDFWcFBJfFI8LJNWYXOeA9BuPHT9O9j_HIkMuN0DK-hhu-G4OeBML5SaHxNr0

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame C52F
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1083870/64163091/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008203091&ias_pubId=pub-3565385483761681&ias_chanId=1&ias_placementId=176...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=

43 B
484 B

97ms
19ms

Image
image/gif

2600:9000:214f:2400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2600:9000:214f:2400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 06 Aug 2021 16:14:35 GMT
via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
age: 28970388
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: QwHXDuFFMAkqQZwO4SKw287IslfasL8ZbFT5P0Z7Y7AZOZFFN30XTg==

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:21 GMT
x-server-name: app02.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame C52F 3 KB
1 KB 47ms
24ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/window_focus_fy2021.js

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 23:02:33 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C52F 137 KB
42 KB 37ms
36ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 23:34:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame C52F 17 KB
7 KB 43ms
21ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:04:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1796
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 23:04:25 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame C52F 68 B
345 B 81ms
24ms Image
image/png 3.120.67.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_TWJaVFFTNDk2RUI0U2QyN0lMVTRyYkhYbko4LzIxNTQ3NjU3NjE6MTYweDYwMA==&v=5&s=v31g7dg7cqp&id=eyJkZnAiOnsiYWQiOjQ0MDI0NTQwNjUsImMiOm51bGwsImwiOjAsIm8iOjIxNTQ3NjU3NjEsIkEiOiIvMTcwNzM3MDc2L2Rpc3BsYXkvV2hlcmVzR2VvcmdlL3doZXJlc2dlb3JnZS5jb20iLCJ5IjozOTEwODAsImNvIjowLCJzIjoic2t5c2NyYXBlcl8xIn19&sb=undefined&cb=9796339&h=www.wheresgeorge.com&d=eyJ3aCI6IlRXSmFWRkZUTkRrMlJVSTBVMlF5TjBsTVZUUnlZa2hZYmtvNEx6SXhOVFEzTmpVM05qRTZNVFl3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMTU0NzY1NzYxLCJ3IjoiMTYwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.67.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-67-34.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:21 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/ Frame FD26 5 KB
2 KB 50ms
21ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/index.html

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a98264f124d01f0027fcae2a3db831896358a5548bed824e071eac9d5c80e6b4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 315175
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1654
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Jul 2022 08:01:26 GMT
expires: Tue, 04 Jul 2023 08:01:26 GMT
last-modified: Thu, 23 Jun 2022 15:01:50 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2FDD 0
0 58ms
58ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C5FGffW3HYuWXDIzjgAfl16SwBt-Dlehqiq6hwbMQ3NkeEAEgpOT7ImCVgoCAlAegAcXqmbkCyAEJqQKi7zyoXQqxPuACAKgDAcgDSKoE6QFP0LFrurxFUITEnGbEJkPsxrazn7yum50XBrnUXfaC_y93S5uCt4-OTw-IjFK1fJVtLOjXfb3P_yJNRrSWuUgkkvaFj2D6Vqnr25g-T-M3mlXRBqIlFCZ3PfCck2LvqwCrAqZkMtegH5RM1fcwO8XH5bkAbETruUX1hHEgSFpqgW-IEIwyymxuuyewPO7Z7O0O-26TpBXc7_1jqST-gnWkO9c_2ViLvHaatYRhFZS_Ct0iG3hhqboEDe0xxyIonvTOeAnxWrCCmbzA4GpFJdKeepYW_JsxD-OrFGJvH_gbl3-pAd94o_poJMAEgPvf9IME4AQBoAYugAejlebGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENydI9IIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTA4gUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNTY1Mzg1NDgzNzYxNjgxGNyKFQ&sigh=eTwGNwCEt9k&uach_m=[UACH]&template_id=419
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/ Frame 2FDD 21 KB
8 KB 59ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/abg_lite_fy2021.js

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 689
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 23:22:52 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 2FDD 68 B
345 B 24ms
24ms Image
image/png 3.120.67.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_TWJaVFFTNDk2RUI0U2QyN0lMVTRyYkhYbko4LzIxNTQ3NjU3NjE6MzAweDI1MA==&v=5&s=v31g7dg7ctb&id=eyJkZnAiOnsiYWQiOjQ0MDI0NTQwNjUsImMiOm51bGwsImwiOjAsIm8iOjIxNTQ3NjU3NjEsIkEiOiIvMTcwNzM3MDc2L2Rpc3BsYXkvV2hlcmVzR2VvcmdlL3doZXJlc2dlb3JnZS5jb20iLCJ5IjozOTEwODAsImNvIjowLCJzIjoicmVjdGFuZ2xlXzEifX0%3D&sb=undefined&cb=2989036&h=www.wheresgeorge.com&d=eyJ3aCI6IlRXSmFWRkZUTkRrMlJVSTBVMlF5TjBsTVZUUnlZa2hZYmtvNEx6SXhOVFEzTmpVM05qRTZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMTU0NzY1NzYxLCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.67.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-67-34.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:21 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
329 B 72ms
21ms XHR
text/plain 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Thu, 07 Jul 2022 23:34:21 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame ABA3 15 KB
6 KB 107ms
34ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.wheresgeorge.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:21 GMT
server-processing-duration-in-ticks: 2204
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E624
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1

43 B
951 B

64ms
40ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNU-iU4gKjLuBNKjgq0F6wB0NaSkzZtxkK_iyznWi9hEVAH8RAAVK7eeRc-h6e5eE-MKCg5jAzUU-Q4Lme0-2wZPnnDs742ToXKd5wA9hBlrMfsDevj1JBCwrX_4HRpxe84BTmMu-9KqPsLwlWGARvuzjdhIeRleGHdXaTZFyfx_AdpKDeY
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 727463f40e5f9b33-FRA
pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dz7HMC9b0wi%2BeCpJP9sLINOLhMGrM5y9A2m7LOHUaso3FJTD5Oz%2FBotRpdgi64fouvTgTV7%2FJhwdSpnm%2FnQYIrjY12A%2F6y%2F%2BjhgrB0FBrYAslVYCtqN%2BbVp0TZ%2FnZlo9btd61FAzMldRIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E624
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsdtfhVhDKDia9NSK2xVjAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1

43 B
912 B

36ms
36ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNU-iU4gKjLuBNKjgq0F6wB0NaSkzZtxkK_iyznWi9hEVAH8RAAVK7eeRc-h6e5eE-MKCg5jAzUU-Q4Lme0-2wZPnnDs742ToXKd5wA9hBlrMfsDevj1JBCwrX_4HRpxe84BTmMu-9KqPsLwlWGARvuzjdhIeRleGHdXaTZFyfx_AdpKDeY
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 727463f5fffb9b33-FRA
pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky%2FPlrqjP5dvUUzNVOZV1gIWgqgTXI8yd4wkPZi9iim2YQTv7orEQ5mTabPH2Rqy1g1Aoq%2BjxR%2BrIt1nN22qUiPJ3bkGl6pPdaP%2FrBmp6KQU4lPqh%2BbLHVhHNAHDA5IU2qyA7W7pYetSmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E624
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJwtqza_gl5cF0oocyRpNHs&google_cver=1

43 B
1018 B

28ms
27ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJwtqza_gl5cF0oocyRpNHs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNU-iU4gKjLuBNKjgq0F6wB0NaSkzZtxkK_iyznWi9hEVAH8RAAVK7eeRc-h6e5eE-MKCg5jAzUU-Q4Lme0-2wZPnnDs742ToXKd5wA9hBlrMfsDevj1JBCwrX_4HRpxe84BTmMu-9KqPsLwlWGARvuzjdhIeRleGHdXaTZFyfx_AdpKDeY

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:22 GMT
X-Proxy-Origin: 217.114.218.20; 217.114.218.20; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c7ff60be-458e-463f-891e-f1c28a8557c8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJwtqza_gl5cF0oocyRpNHs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E624
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0Nzk4NTk5NzIwODU5Mzc0NQ%3D%3D

170 B
232 B

39ms
38ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0Nzk4NTk5NzIwODU5Mzc0NQ%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:21 GMT
X-Proxy-Origin: 217.114.218.20; 217.114.218.20; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d3f7cb3b-7f95-4d74-8b61-59bb93f08692
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0Nzk4NTk5NzIwODU5Mzc0NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 950B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1

43 B
911 B

67ms
46ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJ_m8s0BMAE&v=APEucNVOZbFRGhvq7B87J2_Z-lKm3TF6zfDH1MfzRjYVkwNbLfdIAfGssaoWO39Cv46dYGPRZn3loOG8-FF60FjBOmIfNi94K38zrx11dRDj6_TMP1UXYLVvy0s4VEoFu2mnwuaYDrfUWacRrs3PyzdsFGIqvX05n28z-38XjRkL_VYu3oKdRbg
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 727463f40e5d9b33-FRA
pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhoTDmT3sM2YcybB3JBIR7uzDqhTMn1xg4je1mA%2FYLGs2WhKWy3kYsMOd9GJg0mBQMHdQia29S0D%2FCnNTRpZdYvaoBAsyDV8LYQ%2Bz0FDxhZ6bem8%2BcF8ufq2cB6M%2BacYLukBD%2BV1OmIXEA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 950B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsdtfhVhDKDia9NSK2xVjAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1

43 B
907 B

41ms
41ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJ_m8s0BMAE&v=APEucNVOZbFRGhvq7B87J2_Z-lKm3TF6zfDH1MfzRjYVkwNbLfdIAfGssaoWO39Cv46dYGPRZn3loOG8-FF60FjBOmIfNi94K38zrx11dRDj6_TMP1UXYLVvy0s4VEoFu2mnwuaYDrfUWacRrs3PyzdsFGIqvX05n28z-38XjRkL_VYu3oKdRbg
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 727463f5fffc9b33-FRA
pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Wmf6jr7aWzwCCKTZW5OWbuEVS8Jjm82tAXXvIrMJqc4SSmW2ONHYmDlrg13SVHHz8emMWZF0REclMmkDNrfb71fdhoDlfV7gOl8ndWKjUld0zO2FG3wjlHuRZq5%2F%2B1ZBHWxLPRglpycYg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 950B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJwtqza_gl5cF0oocyRpNHs&google_cver=1

43 B
1018 B

28ms
28ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJwtqza_gl5cF0oocyRpNHs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGJ_m8s0BMAE&v=APEucNVOZbFRGhvq7B87J2_Z-lKm3TF6zfDH1MfzRjYVkwNbLfdIAfGssaoWO39Cv46dYGPRZn3loOG8-FF60FjBOmIfNi94K38zrx11dRDj6_TMP1UXYLVvy0s4VEoFu2mnwuaYDrfUWacRrs3PyzdsFGIqvX05n28z-38XjRkL_VYu3oKdRbg

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:22 GMT
X-Proxy-Origin: 217.114.218.20; 217.114.218.20; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: aad77b5f-7f4e-4f06-98b8-cfb762e52cc7
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJwtqza_gl5cF0oocyRpNHs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 950B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0Nzk4NTk5NzIwODU5Mzc0NQ%3D%3D

170 B
243 B

38ms
37ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0Nzk4NTk5NzIwODU5Mzc0NQ%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:21 GMT
X-Proxy-Origin: 217.114.218.20; 217.114.218.20; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f5d72c61-09ba-4d32-ba47-714aa5703bc1
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0Nzk4NTk5NzIwODU5Mzc0NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9049 41 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58894
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:12:47 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C52F 170 KB
59 KB 95ms
19ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Origin: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 11:54:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41988
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Jul 2022 11:54:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220630/r20110914/elements/html/ Frame C52F 8 KB
3 KB 60ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220630/r20110914/elements/html/omrhp.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:16:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1093
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 23:16:09 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220630/r20110914/ Frame C52F 27 KB
10 KB 54ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220630/r20110914/abg_lite.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1572
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 23:08:10 GMT

GET
H/1.1 200
OK dvbs_src_internal107.js Show response
cdn.doubleverify.com/ Frame 9049 55 KB
18 KB 21ms
21ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 23:34:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:50 GMT
Server: Microsoft-IIS/10.0
ETag: "0f7cd18d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18120

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame FD26 9 KB
3 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 08 Jul 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FD26 26 KB
10 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 16:13:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 08 Jul 2022 16:13:42 GMT

GET
H2 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FD26 113 KB
40 KB 82ms
30ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Jul 2022 23:34:22 GMT

GET
H3 200 main.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/ Frame FD26 6 KB
3 KB 24ms
23ms Script
application/x-javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/main.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8b3ef815cff94112dab4e2b035a97c3db4bdd77b3569ff338921178b084f0e1

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 315176
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2558
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 15:01:50 GMT
server: sffe
date: Mon, 04 Jul 2022 08:01:26 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 08:01:26 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A885 143 B
163 B 59ms
18ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1557
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 07 Jul 2022 23:08:25 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame 2FDD 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/window_focus_fy2021.js

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 22:51:56 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame 2FDD 17 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3433
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 22:37:09 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 878A 22 KB
8 KB 19ms
18ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 58895
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:12:47 GMT
expires: Fri, 07 Jul 2023 07:12:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 9049 1 KB
900 B 109ms
26ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_902363004434&jsTagObjCallback=__tagObject_callback_902363004434&num=6&ctx=25719834&cmp=27916106&plc=337305812&sid=5829972&advid=&adsrv=&unit=728x90&isdvvid=&uid=902363004434&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=2.20&dvpx_strhd=2.20&brid=3&brver=103&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=5&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH96C6D86%40C86%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH96C6D86%40C86%5D4%40%3ETar9EEADTbpTauTau5aa3%6037c3a%60f7d_257b62cb_f5_h5fh%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=7.90&callbackName=__verify_callback_902363004434
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 9590d182442a6ca08c92ccdf553c2cf084164a597cd68fdca297966ff8c8c291

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:22 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Connection: keep-alive
Expires: 07/06/2022 23:34:22

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2FDD 0
0 67ms
26ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfqyVUAezUaD6UvSVa-O3eXLHG3r_0SR35I61jl5r4QWm0ifr_M-4dXTEDA--NU6Of2Th_TDTHHkKHRb-GYEjGc5BHNA
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2FDD 137 KB
42 KB 35ms
34ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 23:34:22 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C52F 41 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58895
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:12:47 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame ABA3
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=wheresgeorge.com&sn=ChromeSyncframe&so=0&topUrl=www.wheresgeorge.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=_tdFLXxqNm9pOG9DQzJWNnN4R3ZvVG4rKzAxL3Y2M1hPNXhxVHJyZExQeEtNeTVnODcxbm5taGlLSzlEKzhoWjVqMW92cDhyajYvRlZhVXRwbk9QazFIY3VkOHpUQlc2MTk1bGQxalF3WERGSzRFMG5YK083STU2dXdSS0...

449 B
644 B

150ms
30ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_tdFLXxqNm9pOG9DQzJWNnN4R3ZvVG4rKzAxL3Y2M1hPNXhxVHJyZExQeEtNeTVnODcxbm5taGlLSzlEKzhoWjVqMW92cDhyajYvRlZhVXRwbk9QazFIY3VkOHpUQlc2MTk1bGQxalF3WERGSzRFMG5YK083STU2dXdSS0lVWlNuUTNybHJWODduZDM2ZmJWRlljTEEybENFTnNaSmtxeXpNdFJGaGRMakFnQkg5THpPbDc0bTY0VUxma1d0Q1Y2MVhsOGlNclBKTGFBNWhlYk9lM1BIU1VtMlVnalVvOHZYNkIxNHVKY1Q5aldTd3N2UDlWQjgyeUNJbEF2T1hQc1h5bWw4eHJXZEtjK3hvbmJMRjJZWlRDQ2Jhdz09fA&cppv=2

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d732474ea3dde1a32537b4a34633a2aa81667dc0a7b43ca2ae96b2ad113a0b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5271
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:21 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=_tdFLXxqNm9pOG9DQzJWNnN4R3ZvVG4rKzAxL3Y2M1hPNXhxVHJyZExQeEtNeTVnODcxbm5taGlLSzlEKzhoWjVqMW92cDhyajYvRlZhVXRwbk9QazFIY3VkOHpUQlc2MTk1bGQxalF3WERGSzRFMG5YK083STU2dXdSS0lVWlNuUTNybHJWODduZDM2ZmJWRlljTEEybENFTnNaSmtxeXpNdFJGaGRMakFnQkg5THpPbDc0bTY0VUxma1d0Q1Y2MVhsOGlNclBKTGFBNWhlYk9lM1BIU1VtMlVnalVvOHZYNkIxNHVKY1Q5aldTd3N2UDlWQjgyeUNJbEF2T1hQc1h5bWw4eHJXZEtjK3hvbmJMRjJZWlRDQ2Jhdz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1267
content-length: 541
expires: 0

GET
DATA 200
OK truncated
/ Frame C52F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44a6c0cc167c3e583045aca6ba1f9b3bb1f8d00fadcebb3d3d1d14974cc50543

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2FDD 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccae9c5906e39a052b547be26a1da7449933b4252c7ae0d7ec4f4e62ce1c819c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame AA27 0
91 B 43ms
37ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 07 Jul 2022 23:34:22 GMT
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 878A 36 KB
14 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 12:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13895
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 12:40:04 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/3691154781510778365/ Frame C3FF 26 KB
4 KB 71ms
29ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3691154781510778365/index.html?e=69&leftOffset=0&topOffset=0&c=ZUj2yrB117&t=1&renderingType=2&ev=01_247

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1e99024b87d4ef1f530e0383185c7b9c1fa8c902f1cac07e13c0d9892326876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:22 GMT
expires: Fri, 07 Jul 2023 23:34:22 GMT
last-modified: Tue, 14 Jun 2022 07:44:33 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C52F 0
622 B 140ms
63ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1wSIsGFKf-XjYgRdYpXwfT0zqR4793aMbSbQPmk8PWC9LmmurbNwLKoTWVcLAoa4dHgqMcKAUp5xAln_1bqePPs6zE6S3UpifjHRBAJl4F3TvndhR-xaBkB5ZQ7C3qAJZGYv7qDPYAHmqkbSg9gyFtT0bMl2WoItm0p4acJd_h0ngKk7uIZ1NUnU7CEmKIhIlahXD9nslrLwiwbpMLLBmekbCMpsBIISyqSh9N5DD7OkXlDRDIpze8l-xJ6r8t4cg5xGpiANWDaLNK7VEfX16mToSEIuaadymAeV9hPAJJgepegQnUqMIdVs6cvPyNPndoo2822ODSk8lTukE9u7WRMBH5AbSWt00j-dpczEpGpvldfb0gfaVsX00iaawTRiCHoEbsqIBGlwFVz5HLcRUCTQFpcuvPpwzxGHoD1kXKYDXl--cOJyHUinU7QvsHbNAyuEQtOn6xKd8ZEIyxzPg-8dbFof8J4_I0qlCm7MWIQbrrGDJu0bkToq0hRXOm9PJ92K97QVknJeovaZ6Awy3tjkygKwi5GeYd0uNvs2iYDfIq53JC6a5G3_RmbrNW3YFMt2zAXBhFgyDoe3Fvci8vlu-hib6Bp6ffc24EvTz2yqNbJpfEtE9pas3_nC_rvNXwrGSQ-ErRvr5QKH78UppS9QKB4oxTR4BLYqE2_-DjIwbl8ONO0nX_w2oNN0lFR0wWNYaR4GCtpNhXyPqxa54FC6hZDDS3OHvbOyHgRlG1jfrGZa4hSseAFHDvhmfHHNnOjwL7D3mH1QN7PKzWmjZ9VzG4gca3iGO0KogilubJvGCBIL8izID6_SHdlSIiq4QuOy6OvRCl32H9M1vpXZbD1JH2WFc9AlxFyX_fy7avsTwuhOXviQ2BSoglQ5ilKmuLPaSrSvRjQR3HINarYuORoRjecS9wwDvoGyy2_Lt80oENLbJyfgILTHIbbT6hmwYIDXnIfGm_skf66JzZUyYrbGJc_dUysAvPIgQG-1A8Zqz7XC4bbPtcLXLa2xWH_PFw9CrLqYDK357qcTIoOnE6C4Nnw9VevKOG2cx9e1k7fj1hTMWD8jGm7Me_JhSUHroH68Qpil0wyy5PkWLvrUmnI8iSLqlq7eqUWopAXdhSkdXbcJ7_BN2KYtFIUw3_vXWF4XB2IQxj2ADB6F_ssMo9-zUUIWzXC1Ras_g4DPYg7SKij4PE6J6dQ0kPS5xsJWhsjC6qqeY-uu3&sai=AMfl-YSfG0BgQdMSIoC8hLRdw9VmCp3nZnb8kfrr1yuiyItFBneezN8fTDOV5H3bzWcCi68drSC1gjqQOiwVZM-_KmiP1IatCxGuvxiNHLsDgTJS6Q6S1Tw4zZjcIZPzuzpz02hWV0Fp4C5Y_GgODrfswTNBg8gnGNTNoIyeL_HH7RMTeJXRk_uD9ySKUj9jx2WfxMLQolaC0BfCCbfrR_bHM2etUzJWK4Y&sig=Cg0ArKJSzJigNLVcaTDJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=227&cbvp=1&cstd=222&cisv=r20220630.28955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 07 Jul 2022 23:34:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame C52F 43 B
1 KB 112ms
32ms Image
image/gif 85.14.248.71
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1008203091&extPm=431797023&extCr=17611869532&gdpr=&gdpr_consent=&rnd=3909048188

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.71 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 07 Jul 2022 11:34:22 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 07 Jul 2022 23:34:21 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame C52F
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=160027073&d_placement=339373691&d_campaign=28006261&d_bust=3909048188&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=160027073&d_placement=339373691&d_campaign=28006261&d_bust=3909048188&gdpr=&gdp...

42 B
964 B

49ms
49ms

Image
image/gif

52.209.247.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=160027073&d_placement=339373691&d_campaign=28006261&d_bust=3909048188&gdpr=&gdpr_consent=

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

52.209.247.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-247-136.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v036-0edf12844.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Xvv8JUz5SWQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v036-01ec876b9.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: nGDTd0qtSeY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=160027073&d_placement=339373691&d_campaign=28006261&d_bust=3909048188&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 9049 0
319 B 63ms
21ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=07cf243b4a0b4358b625331543f91c9c&vfdur=110&cbust=1657236862204299
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:22 GMT
Vary: Origin
Access-Control-Allow-Origin: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 07/06/2022 23:34:22

POST log
protected-by.clarium.io/ Frame 9049 0
0

POST
H/1.1 200
OK log Show response
protected-by.clarium.io/ Frame 9049 0
337 B 129ms
26ms XHR
text/html 3.120.67.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protected-by.clarium.io/log
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.67.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-67-34.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 07 Jul 2022 23:34:22 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
Access-Control-Allow-Methods
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 20

GET
DATA 200
OK truncated
/ Frame 9049 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d5e2127a365b8af0675e6caf355bcb71392c0e338970df87dcd1205e182c014

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7877 22 KB
8 KB 19ms
19ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 58895
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:12:47 GMT
expires: Fri, 07 Jul 2023 07:12:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A885
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

38ms
37ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Jul 2022 23:34:22 GMT
expires: Thu, 07 Jul 2022 23:34:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 07 Jul 2022 23:34:22 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 commerzbank_affluent_mut_300x250_v1_js.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/ Frame FD26 71 KB
71 KB 64ms
21ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12359673423906974817/commerzbank_affluent_mut_300x250_v1_js.png

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f42c0d31abbe564d1896e699fa66886884866d5ae5e9d8ea66e086bfb7cb6f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 315175
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72205
x-xss-protection: 0
last-modified: Thu, 23 Jun 2022 15:01:50 GMT
server: sffe
date: Mon, 04 Jul 2022 08:01:27 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 04 Jul 2023 08:01:27 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/3691154781510778365/ Frame C3FF 4 KB
1 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/3691154781510778365/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3691154781510778365/index.html?e=69&leftOffset=0&topOffset=0&c=ZUj2yrB117&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a5fd4d0f907ec6a3687facc5a90765a945864f373360240907f8e788dcff54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3691154781510778365/index.html?e=69&leftOffset=0&topOffset=0&c=ZUj2yrB117&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 08:50:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 225841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1378
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 07:44:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 05 Jul 2023 08:50:21 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame C3FF 118 KB
40 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3691154781510778365/index.html?e=69&leftOffset=0&topOffset=0&c=ZUj2yrB117&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3691154781510778365/index.html?e=69&leftOffset=0&topOffset=0&c=ZUj2yrB117&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 14:37:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Jul 2022 14:37:50 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C3FF 60 KB
24 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3691154781510778365/index.html?e=69&leftOffset=0&topOffset=0&c=ZUj2yrB117&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3691154781510778365/index.html?e=69&leftOffset=0&topOffset=0&c=ZUj2yrB117&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Jul 2022 23:34:22 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9049 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=fb.526,e2e.1306,fs.463,reqs.506,ress.526,rese.527&srt=65&e=&id=csi_pagead&gqid=&qqid=CMmKrrP45_gCFY0W4AodGx0JCA&rt=lb.747,ol.780

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js Show response
pagead2.googlesyndication.com/bg/ Frame FD26 35 KB
13 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SDwrgNAjdQsa4VNQPO_RFNWmztQcb_iohgsAvJm3iSQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 20:08:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13718
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 20:08:35 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 73ms
33ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wheresgeorge.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 23:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 71ms
29ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wheresgeorge.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 23:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 406ms
406ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=908605324964748&correlator=1953483345115982&eid=31068364%2C42531608&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=170737076%2Cdisplay%2CWheresGeorge%2Cwheresgeorge.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C468x60%7C970x90&ifi=4&adks=1253105972&sfv=1-0-38&ecs=20220707&ris=1&rcs=1&fsapi=false&prev_scp=auid%3Dleaderboard_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse%26confiant_refresh%3Dtrue&eri=1&cust_params=pub%3Dwww.wheresgeorge.com%26path%3D%252F%26didna_version%3D4&sc=1&cookie=ID%3D947991643eba1d8f-227fdd0dc8cd0035%3AT%3D1657236861%3AS%3DALNI_MaoYasMB2WPQOo-YF9ut9hCcNeLzQ&abxe=1&dt=1657236862476&lmt=1657236862&dlt=1657236859553&idt=822&biw=1600&bih=1200&adxs=437&adys=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.wheresgeorge.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=969x90&msz=969x90&fws=0&ohw=0&ga_vid=526263631.1657236860&ga_sid=1657236861&ga_hid=259042230&ga_fc=true&btvi=0&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjK547YnTBIABIZCgpwdWJjaWQub3JnGKLrjtidMEgAUgIIahI-CgVvcGVueBIsZXlKcElqb2lNM0kwWTFkeVprdFNha2QyVEZkQmFsVjBXbWt5ZHowOUluMD0Y0-mO2J0wSAASwgEKCHJ0YmhvdXNlEqwBZXJSMWV0MER2NUdsWitxalBzeDVRUG1XK2pJeVdIQXZlbDZINWNsdTM2UWZKNjJFbE80SzFMTFJrN0RBbUdwS2I0Wk9tTGl6MkhCUU1tV3d3eStVWW1rZ3lMNWxjdGhPcWlIUVpHZVlWNkg2ZjZpT29nQ0lSQXlNelV1cFRpbEhWaXo4bEZMTVp0UVZxbC9SdHdVaEExck9SWkVGc0d6bFJaMlhMMjA0ZkRJPRj1547YnTBIABIbCgxpZDUtc3luYy5jb20YzueO2J0wSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

31e8bd455a46356864b8e3ac5b93bb80e251a56ece6463f486c42c45a267d72e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12429
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C52F 0
26 B 99ms
57ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu1wSIsGFKf-XjYgRdYpXwfT0zqR4793aMbSbQPmk8PWC9LmmurbNwLKoTWVcLAoa4dHgqMcKAUp5xAln_1bqePPs6zE6S3UpifjHRBAJl4F3TvndhR-xaBkB5ZQ7C3qAJZGYv7qDPYAHmqkbSg9gyFtT0bMl2WoItm0p4acJd_h0ngKk7uIZ1NUnU7CEmKIhIlahXD9nslrLwiwbpMLLBmekbCMpsBIISyqSh9N5DD7OkXlDRDIpze8l-xJ6r8t4cg5xGpiANWDaLNK7VEfX16mToSEIuaadymAeV9hPAJJgepegQnUqMIdVs6cvPyNPndoo2822ODSk8lTukE9u7WRMBH5AbSWt00j-dpczEpGpvldfb0gfaVsX00iaawTRiCHoEbsqIBGlwFVz5HLcRUCTQFpcuvPpwzxGHoD1kXKYDXl--cOJyHUinU7QvsHbNAyuEQtOn6xKd8ZEIyxzPg-8dbFof8J4_I0qlCm7MWIQbrrGDJu0bkToq0hRXOm9PJ92K97QVknJeovaZ6Awy3tjkygKwi5GeYd0uNvs2iYDfIq53JC6a5G3_RmbrNW3YFMt2zAXBhFgyDoe3Fvci8vlu-hib6Bp6ffc24EvTz2yqNbJpfEtE9pas3_nC_rvNXwrGSQ-ErRvr5QKH78UppS9QKB4oxTR4BLYqE2_-DjIwbl8ONO0nX_w2oNN0lFR0wWNYaR4GCtpNhXyPqxa54FC6hZDDS3OHvbOyHgRlG1jfrGZa4hSseAFHDvhmfHHNnOjwL7D3mH1QN7PKzWmjZ9VzG4gca3iGO0KogilubJvGCBIL8izID6_SHdlSIiq4QuOy6OvRCl32H9M1vpXZbD1JH2WFc9AlxFyX_fy7avsTwuhOXviQ2BSoglQ5ilKmuLPaSrSvRjQR3HINarYuORoRjecS9wwDvoGyy2_Lt80oENLbJyfgILTHIbbT6hmwYIDXnIfGm_skf66JzZUyYrbGJc_dUysAvPIgQG-1A8Zqz7XC4bbPtcLXLa2xWH_PFw9CrLqYDK357qcTIoOnE6C4Nnw9VevKOG2cx9e1k7fj1hTMWD8jGm7Me_JhSUHroH68Qpil0wyy5PkWLvrUmnI8iSLqlq7eqUWopAXdhSkdXbcJ7_BN2KYtFIUw3_vXWF4XB2IQxj2ADB6F_ssMo9-zUUIWzXC1Ras_g4DPYg7SKij4PE6J6dQ0kPS5xsJWhsjC6qqeY-uu3&sai=AMfl-YSfG0BgQdMSIoC8hLRdw9VmCp3nZnb8kfrr1yuiyItFBneezN8fTDOV5H3bzWcCi68drSC1gjqQOiwVZM-_KmiP1IatCxGuvxiNHLsDgTJS6Q6S1Tw4zZjcIZPzuzpz02hWV0Fp4C5Y_GgODrfswTNBg8gnGNTNoIyeL_HH7RMTeJXRk_uD9ySKUj9jx2WfxMLQolaC0BfCCbfrR_bHM2etUzJWK4Y&sig=Cg0ArKJSzJigNLVcaTDJEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=527&vt=11&dtpt=300&dett=3&cstd=222&cisv=r20220630.28955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 23:34:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 7877 36 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 12:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13895
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 12:40:04 GMT

GET
DATA 200
OK truncated
/ Frame FD26 38 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e27baa66e35f5d5adc061e7e1dde7ecc416a7ae08a15b8e0c6f36e7a2557e5a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame FD26 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc095eaf21a025ca7594e25b5797c98e36d14e5565330e8377dc25aee7ceab25

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FD26 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2e915e625be4f06b78cb1b925edff38d601fcaa1759234ad3813579cefc1c58

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FD26 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b63a4e3104cb86cf0e40841e7dff089e9337801cebd1fd800c147b8c046fb104

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FD26 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a1790db3b9c71cef0f5e3a7f678304da0ffb59aca1258556302084616c7b006

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FD26 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9864649e3535044a0314257831ed4d4562f3306d66ec9257ebabb7074dbf0fef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FD26 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fd71fec9149992e104527f93147f22cb2aa94ee8bc3fa740e0137470183e7b3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FD26 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 002893c5d967f858928b6bd83bbbb94b1df640d44b5f96b5438f649d74a583af

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FD26 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 913a2c7f8ab991ea1ad9d9fcfc9cc8ea217f80bfcb4613442054bc959b54b431

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FD26 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ddecbadcc9578d1b7788ae2a67bf3c493f555f1a7928e6c73c965f0ecb9cf955

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FD26 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd5f0fc69b30c05ee89fcede367beaed2300cc1e91de5c5629cad29e7fa91be7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FD26 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8a4cffc5a49036f24eb4fc41e5a2429d35aaa26301955b865d206643317e9a92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FD26 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6aec19cb1d1fcca0bea0893c4aa120950d14da9972864d112b1699c92ade9109

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame FD26 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ede111855afea562c88ebe5563df368faaa1e6a2b9057e3d8aaa2b9ddadaa75

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C3FF 7 KB
5 KB 75ms
33ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ac894480d5d3a92f5cd76bc77c3e53195a6deeb40298557154f7704ea59a208

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 23:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5550
x-xss-protection: 0

GET
H3 200 DCO_WOW_SPO_Generic_160x600_1.jpg_1655129923995_DCO_WOW_SPO_Generic_160x600_1.jpg
s0.2mdn.net/dynamic/2/10880479/s0.2mdn.net/creatives/assets/3690075/ Frame C3FF 34 KB
34 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10880479/s0.2mdn.net/creatives/assets/3690075/DCO_WOW_SPO_Generic_160x600_1.jpg_1655129923995_DCO_WOW_SPO_Generic_160x600_1.jpg

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e817c7ee85c56f334151a200c5978200e84ebfbaf85eac673f36346c38b34879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3691154781510778365/index.html?e=69&leftOffset=0&topOffset=0&c=ZUj2yrB117&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 11:00:53 GMT
x-content-type-options: nosniff
age: 218009
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34658
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 14:19:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 11:00:53 GMT

GET
H3 200 DCO_WOW_SPO_Generic_160x600_2.jpg_1654873645579_DCO_WOW_SPO_Generic_160x600_2.jpg
s0.2mdn.net/dynamic/2/10880479/s0.2mdn.net/creatives/assets/3690075/ Frame C3FF 94 KB
94 KB 25ms
23ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10880479/s0.2mdn.net/creatives/assets/3690075/DCO_WOW_SPO_Generic_160x600_2.jpg_1654873645579_DCO_WOW_SPO_Generic_160x600_2.jpg

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3744148146302322231a628ce76f82303067ab5504de9c5dad723f744843bfa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3691154781510778365/index.html?e=69&leftOffset=0&topOffset=0&c=ZUj2yrB117&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:00:28 GMT
x-content-type-options: nosniff
age: 318834
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 96187
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 15:07:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 07:00:28 GMT

GET
H3 200 DCO_WOW_SPO_Generic_160x600_3.jpg_1655214381092_DCO_WOW_SPO_Generic_160x600_3.jpg
s0.2mdn.net/dynamic/2/10880479/s0.2mdn.net/creatives/assets/3690075/ Frame C3FF 75 KB
75 KB 29ms
28ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10880479/s0.2mdn.net/creatives/assets/3690075/DCO_WOW_SPO_Generic_160x600_3.jpg_1655214381092_DCO_WOW_SPO_Generic_160x600_3.jpg

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fe20a335d5520434cd6de7b751149ad6fa58f434f6d50e95e22db62335c5a9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3691154781510778365/index.html?e=69&leftOffset=0&topOffset=0&c=ZUj2yrB117&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 08:45:13 GMT
x-content-type-options: nosniff
age: 139749
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76381
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 13:46:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 08:45:13 GMT

GET
H3 200 DCO_WOW_SPO_Generic_160x600_4.jpg_1655129923995_DCO_WOW_SPO_Generic_160x600_4.jpg
s0.2mdn.net/dynamic/2/10880479/s0.2mdn.net/creatives/assets/3690075/ Frame C3FF 82 KB
82 KB 31ms
30ms Image
image/jpeg 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10880479/s0.2mdn.net/creatives/assets/3690075/DCO_WOW_SPO_Generic_160x600_4.jpg_1655129923995_DCO_WOW_SPO_Generic_160x600_4.jpg

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

232e43b5e68fba4ffd775a6d185b66a528c0125b53825339740f04d7d9d5bcd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3691154781510778365/index.html?e=69&leftOffset=0&topOffset=0&c=ZUj2yrB117&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 05 Jul 2022 19:16:09 GMT
x-content-type-options: nosniff
age: 188293
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84097
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 14:19:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Jul 2023 19:16:09 GMT

GET
H3 200 blank.png_1634547452427_blank.png
s0.2mdn.net/dynamic/2/10880479/s0.2mdn.net/creatives/assets/3690075/ Frame C3FF 95 B
120 B 28ms
28ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10880479/s0.2mdn.net/creatives/assets/3690075/blank.png_1634547452427_blank.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/3691154781510778365/index.html?e=69&leftOffset=0&topOffset=0&c=ZUj2yrB117&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 07:00:02 GMT
x-content-type-options: nosniff
age: 318860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 08:57:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Jul 2023 07:00:02 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 878A 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bf3oSfW3HYsr4Mcvl-gb4noDwCwAAAAA4AeAEAg&bg=!OjmlOX3NAAaLlKKnq5Q7ACkAdvg8Wh0OhIJQlW_cF8LSNPpZSe4PDiz3pAT1uxXzuvtNAM-sdPUKpQIAAAEsUgAAAAJoAQeZAuZfAxTL65SEnraE-E8aD3dPeOb6IUSuvk-FMbhDgkIHr1oAqvt3qs1w5n1tCT0UpqsDXbfxBfb4S6lc5pYjDP4oWAr44p8Oe-j66rFl9lTf_BbcxyUV_dI-qIS86Hy1umowXlfjA8tUvcUP1QnWBgiulIcZcyDfERAG-iPoiZlyc7_y9JjbjjHBcTlT6N73YYUIo0LFCvL-sJ3h8zmH1pITtyHH65VyuqU4mKoR2V7IHdmSTDw_Gpgg-8i0Qrx3Y3KVs8sIkEsIrV5-xdMToGRDs4VK-Gzu6_KdyIB56ix2HZuB1e-qDWmYlVc_hw3dp183301IuHG9st84ImuaWLulQL6_ZCKUveX7cLfhthaLEq5fUiDCVvZHmowMN7uQQ9NI-YCBEPzylxn6QDqLu-Q46QR6P4jrkEdeniiGKtYobnSBHEffX4arUa_FVWHvsg63pUXbH0rD2SoFGXG3CgKEELnSEd1BSdEzlDu6vKtUXJjtaxaM34hNxEw7baHKIKvaDZliadfMcKu9uhvlHoup6qU60LgD0wn4IH0GH1-YjQ25yWGxBnwGGFcSaz19aw5q2h8952Xba789XejmldkoNjTIITa7S2nb8ECwOGD0QgEEm3mWwRED-d-H12oUGsU1iQSaMQ0ooYXRBXtHanuP9PbE-E7VdkxXOhSUqWO04esULSm7_NjDYyEmoyJljD9njOi7cGfvdkeY_8f3hItEY7iLcilVs5wuWcBdKnA5fXurcxO31zQ6jhJTau8tfI1seyh6REZko4JmxhcYuR697E6qjAbAPwSKLR26-KndDfELKomjLcgN8XlwNCkRs4Lz7UBW43i9u_pI6U8zx3UZJzV8_zqJm_KQyWcQZ04J2kdowDZKTPFsaYyWIzByof7bSl2bPkOuT_5CphUyQ1aKPxrMwHkpWuNumVsLPAvMHOdo8g-y2V4qt1_ab5NnimhFrvAr1MxxXvO9A5QgWD7kWD0jWQVs

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C3FF 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 23:34:22 GMT

GET
H3 200 yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 6BAD 36 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 12:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13895
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 12:40:04 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7877 0
20 B 52ms
52ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5OnLfW3HYpTEMu7Z7_UPr4KEwAQAAAAAOAHgBAI&bg=!vr2lvfnNAAaLlKKnq5Q7ACkAdvg8WvMwRsypqthsg0OlV78bTMGFS605gpU31t1qTesF96dHLQ1k3wIAAAB9UgAAAAJoAQeZAumXOXtd-SVHfoH1JB8LeYXQKGSXTAergCIR-_IuHU-NLHyR8qnQshWwqtBES1_lE6zOmHnTzDe31afN3mVECeiru3_9GgylORD9q-jw8QNlSS0A_yjgLpkROBd28GM1Qb2Ma6zuKrBs6HPO7uYldqn9CL_-pW-CjxuF-KzYVxCI27PHQ2TzQPjRQtbvFe7hY3yfoVDgc14ECzlic8IN0bf8OIncamK6wbUp4RSpyZBS3dBlCEHp3W7xTrTWKJLRTOWlmkzWf_6ph-XsDiwYNnAQ6Z0AB0NF0ajTO2UGS26rUKMr_skxpoJv8IWGsNT9qPpMFaikNYlX7BCuYgDJePsWhei79WqrQvPVEl1eQOLTRWlawL-qZvD8TJKnzeBwPYaV_Qcm5T_B7jnn0iKmOL8P7rgB_RpYlXaKVBQeIQ1FhPCQH2MRuzuzq7S7p_wU2Tg9Adr8de-AHkGLIq9vd61vQvSNVs2PyeNgpEgXjYCN__LMg1PY2fH8nXK6aU-Cj1l1EWwwEPjVjvw0wSljIuxD-xpR6UAK7jtC1_zQJa7ks58mF9k_hgSCwc_Hu1KUyXcdXJAwflCY4oPc2pn02gg3gTs_lXMksz_WcF17QuGN98S1EjkJE0Yr68PRsYekAAfYXhG3OMIO9oIL4TrYZ-ZexPOdzlCDmrYHmHFOzyLkdhPnn_dhZl4FPsHRqWQbQfwnu3z9J9NMcDGo70wOOG8S21GNbe8MAfm5LdgV1EL8tQnXehqhohTkFpcBo3NWdoOHIoTIsqz8G55MP86ruryMWV9GMtCcngMR0GqKenJbdvm1qNGrCJ06wUzxKSaz0_y7MfAMR-5nIOcU5x9Dcn7SLCg84Cel0ZNcYtk8jZOtr90YAy4dymPC-7WVupYRbqxiaSdjk_dG0NH-VwhICaTgBwtje_zsZYvxT-VpqeZaoXbiwKy0tWC-lhDpFQA6e3gBACV6uj_ZWBv_YdvmhmjXzTa7tCwvgysf

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 99ms
33ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.wheresgeorge.com%2F&domain=www.wheresgeorge.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.wheresgeorge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 07 Jul 2022 23:34:22 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1166
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.wheresgeorge.com%2F&domain=www.wheresgeorge.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=QRrO2XxmYjIvSUdkQVUyZ1VzdVdKWk1XYmlxMitHa01KYTg5elltWDZzT2FpalMxS0xKYWowaGdDeDFSNjlmSXFDUVpORW1YSHMwMmpONzFoS0NtWHpPWnQ5TVdpMkxWRk1rcTQwY3NGNEJNUEhUZEFINGJsN2pNcDlIal...

446 B
685 B

29ms
29ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=QRrO2XxmYjIvSUdkQVUyZ1VzdVdKWk1XYmlxMitHa01KYTg5elltWDZzT2FpalMxS0xKYWowaGdDeDFSNjlmSXFDUVpORW1YSHMwMmpONzFoS0NtWHpPWnQ5TVdpMkxWRk1rcTQwY3NGNEJNUEhUZEFINGJsN2pNcDlIalQyQVY3L3Z5amM4WEVRQmJHRHExSHJEYUMyQm9lMWQ3LzNtRzBGdVE0OUUzL1hoTzdpamM5TVhIQ2R3VEwzUzBOYTVyRWVNc2x0TndaOURHMnhWVDkzLy9CVHRobmZVZVR1bFVkdThpcGFCS2FCZzVZL1VyUFFrYWJSeGNCbVRCNHFNUklMZ2dLVWJWcGF6aUlwRENVRGw0dTl1Q1ZtaVdIMFRKemtJNXlUQzMxM3NOZS9Ccz18&cppv=2

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

534045a400bb3041a70ba98abd251695a77815dd9ca72eb93b68844c11533908

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3565
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
location: https://mug.criteo.com/sid?cpp=QRrO2XxmYjIvSUdkQVUyZ1VzdVdKWk1XYmlxMitHa01KYTg5elltWDZzT2FpalMxS0xKYWowaGdDeDFSNjlmSXFDUVpORW1YSHMwMmpONzFoS0NtWHpPWnQ5TVdpMkxWRk1rcTQwY3NGNEJNUEhUZEFINGJsN2pNcDlIalQyQVY3L3Z5amM4WEVRQmJHRHExSHJEYUMyQm9lMWQ3LzNtRzBGdVE0OUUzL1hoTzdpamM5TVhIQ2R3VEwzUzBOYTVyRWVNc2x0TndaOURHMnhWVDkzLy9CVHRobmZVZVR1bFVkdThpcGFCS2FCZzVZL1VyUFFrYWJSeGNCbVRCNHFNUklMZ2dLVWJWcGF6aUlwRENVRGw0dTl1Q1ZtaVdIMFRKemtJNXlUQzMxM3NOZS9Ccz18&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1483
content-length: 567
expires: 0

POST
H/1.1 200 725.json Show response
id5-sync.com/g/v2/ 213 B
627 B 59ms
19ms XHR
application/json 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/725.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

bcdac686e3dcaff3f7a4a23dab122b929059d6895e532ef610e0bfebbe3d9be9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Thu, 07 Jul 2022 23:34:22 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 id Show response
id.crwdcntrl.net/ 63 B
341 B 62ms
53ms XHR
application/json 54.154.180.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.180.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-180-162.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: cac3ee9d7b899032a698e9d14e8169304f636f49b467f1b136275620e36ca95a

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache
x-server: 10.45.15.210
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 63
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
393 B 44ms
44ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/159745/4535/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 6df19aa79226f50b356234994694f481dc10822142b83c244ea1b02e7ec9a0b8

Request headers

Referer: https://www.wheresgeorge.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 06 Aug 2022 23:34:22 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 9049 0
0

GET
H3 200 container.html Show response
d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 66B8 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202207071418/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:21 GMT
expires: Fri, 07 Jul 2023 23:34:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1084 624 B
297 B 30ms
29ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNWvB36eXd0osdl9ATGhq6dTW8Gq5_zPyRrPbwPLOM6Ycba52h9QBZcgc9TI48VAqCO4CWi69aHz_RaPTg64JCjg6y4WfuEgEI9hYB0JSnXiPHXvooglEMA_kcJX_5Jre_6bMnLz9EMIsghgvSb6ZBRxrmRE3LXzdxCTdGmB1RFWXp070fQ

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 66B8 14 KB
11 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A-oq6wt3OKdxeG9WO4K-VVSG40IN2p9CfEF6KOGqL_JFNSRpe1njLgQUya8BOuLuVMS5eTM8qAZtkwb0asu0p7c7JMdl-GUHSqocsk1Rr2ncHdoI6KLsOKHqugS-Tcfv5nOGGAPU3VDznuqp_m6urIcKMJiA&cry=1&dbm_d=AKAmf-CnREhIjXyGhFZdxMR-AARHwAtjM3eanDHS-QfRtAxmpwfWfh07mftERCJ67ZRrI7E2Pd8-PsmygO7K97kqBHy54JmgEDoPY9KCvlP_mVIyU5idcKHLKyOKJfexe30HYUwcoNWfhT2gxqouFlsw_-P8evE5Y3uOXM-iVulOHTzAAtjt6yV3x09jIQL5WEOZy3FInNXFcMZHt5_dJdC8UAdDBSF-yp1XigSbdYZ20PnbsID45G9-pUZ03tKwn8nLX7qVtpZ2sWHWJlTMJkc_CtUv4vcGQ2Zd21VByc96bE1eDTRTPW3u2BfMr-Bt4I9y3o9s8Earf43YIWd7dipYjo_XMu87nS48_G12GzdNdFcOv02NhJ1BruTkKbXNYL1jPN_Tk6lMT00PbHcHtu7Z8KRgswJ76z_1Z5ScumVNmGKFlh1529ef93CrQsHcVyOmTvcObn69ybTN2vGlWl-96ccQTibEAkpv3sqNjxpVGFAwvxbSKSqEnjeK-83qQoEUIAWD3QyhHWibKJq8ojPp86fVQ9LW4iICpHGdTKzx8oDJiviCRqiWENXJ_aATzXz9YQD88VNQdoRTcphdD34RurCBYAbt5M8GT8h5XSt4n2uKhGSbEymbLEIO4WFaHdpJGx5vxILPzErhW-HerTuJJlEE9giRNR7uTIafkmYqtcnQ8yBg9DR-8Wm8ObnSfsCkOsJYKwQIg82a62GZqdk3Wq29wk1j0WLbZ-y8z0G-Ye9DKkJqkcaLnk7fE6ztybMHPsFKtm84O2DjLRk4RZhAqSEHA9PfLsHovOe1TdjeTEB7rNMBYBFi5yFAvtQl1XZ6KUsPyZaLXz87MiQ3iWopNRSk0xIu2cc_6i9IkqzWdYUUNUF79A8I_E78fkq0CghE0Q_JPgS47y5SNx0uElyMqja-xShne_5d0bIOAh7Oibtqx2vket7dFsa_CrcK2GQJzlm1MSzOIW5sE_nrX836b97Hu7dVSjaJulT8Fe9qj4pMHzV2ktrYa23W8Yy7cXwjCf1sfqTqhSVpO6iSH4KRFM7Ucy3DlK7WVPENT88LgJbYsNg4cSGGz-2I1KmFKcwRovq2zX61N84u-zKwxUWu6C6mrWISr1s7gs4LWEcJxFm1uXYeaId__xDe3RD3Rmb5gOpzoVCv66auwvHZryyFVCJ8IJPbBKH9Rh2nXUYqlsjVhbadd2iKkdiBQEvbWNlE-ZNQP4l4HVFMCqQOXx7O9gG3NQwy4Hak7UICt-wRwTmajBbq3Mp75S8rPqun3DlwN_u3kePBNSrB6LXxr_2nntwSpdqBzfQXnF3ZaP_rnnQVInmQQkMEbZzY3SDhkiB1LdIc7vN60OOdnVkX6rlO5UnUGjkm5v4Zm84isALCyTOKk1KJ92Ee53bVS61mCqrPDd0CccSyJOJyAvXDmdMM_dNVd_IEYd4wcZ21VJo0J8JnSGb8YZK5JC8H8Z_QGJoMWBo_mLVkBBDcVvHncxXny9CRWPbnk1zngZYT8t351TTdqcYn1c8nNlaWlGzn3izdUk508vP4ltPcQacJjy466atT_32H3DCY7ICNmvTVXiF8dL3IiXC2hIIonoT1_a8073jbtZ2hEnMxv1LkLbdOS5Xc26hljhbTJj-w-heSN42As7MpR3fko1tewyaMXaR_L-iL1Ma3Kle8uFsD7jpby0ojLggbxCLrhC7fhN-2PhvZZY_cBK2UjUcEODcb2mDpBftqpnCy-53Ol6oNeCfe6tJpUhJNR5Sy597P3LJ6-yiK9aeIAKma0OJxDA9tquLnIN1QSb9tnLealQk0h3fGDRiX9yp7r8kNTQBj56JCVJ-GiVkaJMYOf_6ed4AKlG95amSHOOHu-quwnjDkC8aXHDXojav1EEx0P6UOjYQSzghNwE3Ed9Xn85TFCol5FBTCgLyztUzQpdkrrKN95pdmkyrsRo-BxvQCzrajFabJ4PnMrygKAPpikaIoXweaJujVL6E01gdApPuZUu2i0m3n0samWOD3RMUADKl2dSBmstXkykbFrkOD-rHYKr6BUrU25G-TmZRGrrkmNN7TiV1XmTjrrupbRcqy2bnQPKlsrmW4LHMssBfYkbOw9c9FMlKsbcqQjLCmLlFPZhAODV0wD0PXqHQaZ4UeYuGiEeTO5C1MUblzKqGyhrxQkjhD1KQ7--mpHQSuRcVxNiezOpMhbG5kyl3GfLCw2myD8koxd_TnJc5L5oi_zKprzuB4xiS7jetT_4plqNvs_Gt83zo25QRNaqzGHJ_p5gXoN02X7ARcGUQO2ToKuetpEg03rPIqBrKQfRbCupYnPnPQ0Yt65qc9LgkzYOq0-ErD-6BAZGyMFRlM2pJUJ9NwCE3nWF_PGizz28NteUUxO8y2EXMDpX4ZLrxYkHtBqMJwsV4bmMbxzHKWIPIOLQqQG8yJK3YGOQQATLrUnbKz2m6_PhxYxaHbZRcbuUFYJP1ec78a1s2PvmnjyKZdZOkl3b3FSGQe2G3opxmhp-g6-ILivENOqOUC3mUsHO0H23i2tBtt9LuMux4pLfp1G-2nkK3_VHKJ0RgfW3WkqrxKTc3dVmpDfMKqJnWp5sEPIMNl0BuT8dt4I3nrC97Wo4bI3G1_LWiRI9dQBcd2wVEVGcipyiEOhgdLCJwIK0xrgQ0h24VgowlGpH_Cy7YCtw3eFzg_VzN-YPiwM60yRZOuR8RdGFppNgl67GR-zWOyNryCbZ4Lz4wW47ZnebM&cid=CAASJeRojrGgGQ-UVQD-2Ug34rai2Tl9SPa0X1SQQhBJJ4b1gRZtL7k&rfl=1%2Chttps%253A%252F%252Fwww.wheresgeorge.com%252F%240

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d914886a61937fa4212395b17186b750c932381dbd90bc1bf07cd194cbc29ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10781
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66B8 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWQb4adj69KWvysZPNkrL2aWXWHAxvcjNYlct654zWzITvOmCSCrKCR6OTBiBuHapdrOR2dLSdJlIRBmhHpQldr1Nlij4enzK5IrLIQC-G5v9U2OE

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 66B8 2 KB
1 KB 27ms
26ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25719834&cmp=27916106&plc=337305812&sid=5829972&dvregion=0&unit=728x90
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 23:34:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:37 GMT
Server: Microsoft-IIS/10.0
ETag: "fcf82911d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame 66B8 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/window_focus_fy2021.js

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 22:51:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 66B8 137 KB
42 KB 29ms
28ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 23:34:23 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame 66B8 17 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3434
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 22:37:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 66B8 0
0 27ms
26ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQs2T4_Uy1fUFq3RZe5k6Oa61eOWUx5dCFLvm3Ree18wketSKJccL3K1DebrVTpkvSYiRAGc-LDv1ecgJSAp8xafKdXpg
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 66B8 68 B
345 B 25ms
24ms Image
image/png 3.120.67.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_TWJaVFFTNDk2RUI0U2QyN0lMVTRyYkhYbko4LzIxNTQ3NjU3NjE6NzI4eDkw&v=5&s=v31g7dg7e1f&id=eyJkZnAiOnsiYWQiOjQ0MDI0NTQwNjUsImMiOm51bGwsImwiOjAsIm8iOjIxNTQ3NjU3NjEsIkEiOiIvMTcwNzM3MDc2L2Rpc3BsYXkvV2hlcmVzR2VvcmdlL3doZXJlc2dlb3JnZS5jb20iLCJ5IjozOTEwODAsImNvIjowLCJzIjoibGVhZGVyYm9hcmRfMSJ9fQ%3D%3D&sb=undefined&cb=2428072&h=www.wheresgeorge.com&d=eyJ3aCI6IlRXSmFWRkZUTkRrMlJVSTBVMlF5TjBsTVZUUnlZa2hZYmtvNEx6SXhOVFEzTmpVM05qRTZOekk0ZURrdyIsIndkIjp7Im8iOjIxNTQ3NjU3NjEsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.67.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-67-34.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:23 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 81ms
27ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 07 Jul 2022 23:34:22 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1546
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1084
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1

43 B
911 B

44ms
44ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNWvB36eXd0osdl9ATGhq6dTW8Gq5_zPyRrPbwPLOM6Ycba52h9QBZcgc9TI48VAqCO4CWi69aHz_RaPTg64JCjg6y4WfuEgEI9hYB0JSnXiPHXvooglEMA_kcJX_5Jre_6bMnLz9EMIsghgvSb6ZBRxrmRE3LXzdxCTdGmB1RFWXp070fQ
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 727463fa6b7f9b33-FRA
pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFA7GhsADYIUKjva%2BcoEEkg3P%2FbA%2FVYlsKE9L61yEiW1fPRV2nruqoXZy9dnFbeLbjxvLHrYPOJD7%2FiwnxcpPTNOhMjB8HT0yT7Wj%2FiVm8G3BGtHngFStoFpf2o7cz1Ryz6lM8KRW7xKVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 1084
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsdtfhVhDKDia9NSK2xVjAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1

43 B
914 B

40ms
40ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNWvB36eXd0osdl9ATGhq6dTW8Gq5_zPyRrPbwPLOM6Ycba52h9QBZcgc9TI48VAqCO4CWi69aHz_RaPTg64JCjg6y4WfuEgEI9hYB0JSnXiPHXvooglEMA_kcJX_5Jre_6bMnLz9EMIsghgvSb6ZBRxrmRE3LXzdxCTdGmB1RFWXp070fQ
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

cf-ray: 727463fb3c0b9b33-FRA
pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2dELPjbB00G%2Bi%2FlXXz%2BUFK0Vw1G1f9T4ajxWXOgUVZzwc7HdmhMlZfW0ky0LaTuyFr8LyRgwdVfeBZjkuau%2FxAEO2XZC1ZPf1mLnh4pv1vXxx4W%2BHzb4TTfyiEF8h%2FBm%2BHK54pClD45ng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOlyAobkpa8YxyUId1AshY4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1084
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJwtqza_gl5cF0oocyRpNHs&google_cver=1

43 B
1018 B

27ms
27ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJwtqza_gl5cF0oocyRpNHs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNWvB36eXd0osdl9ATGhq6dTW8Gq5_zPyRrPbwPLOM6Ycba52h9QBZcgc9TI48VAqCO4CWi69aHz_RaPTg64JCjg6y4WfuEgEI9hYB0JSnXiPHXvooglEMA_kcJX_5Jre_6bMnLz9EMIsghgvSb6ZBRxrmRE3LXzdxCTdGmB1RFWXp070fQ

Protocol

HTTP/1.1

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:23 GMT
X-Proxy-Origin: 217.114.218.20; 217.114.218.20; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c9c3f78f-6290-45ab-a3fc-d0c56d039515
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJwtqza_gl5cF0oocyRpNHs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1084
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0Nzk4NTk5NzIwODU5Mzc0NQ%3D%3D

170 B
188 B

29ms
29ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0Nzk4NTk5NzIwODU5Mzc0NQ%3D%3D

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:23 GMT
X-Proxy-Origin: 217.114.218.20; 217.114.218.20; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e0e0e568-1722-473a-ba78-72628ad24bab
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzU0Nzk4NTk5NzIwODU5Mzc0NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 66B8 41 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58896
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:12:47 GMT

GET
H/1.1 200
OK dvbs_src_internal107.js Show response
cdn.doubleverify.com/ Frame 66B8 55 KB
18 KB 24ms
24ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 23:34:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:50 GMT
Server: Microsoft-IIS/10.0
ETag: "0f7cd18d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18120

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0751 22 KB
8 KB 18ms
18ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 58896
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:12:47 GMT
expires: Fri, 07 Jul 2023 07:12:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 66B8 1 KB
900 B 26ms
25ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_496722898860&jsTagObjCallback=__tagObject_callback_496722898860&num=6&ctx=25719834&cmp=27916106&plc=337305812&sid=5829972&advid=&adsrv=&unit=728x90&isdvvid=&uid=496722898860&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=1.80&dvpx_strhd=1.80&brid=3&brver=103&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=6&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH96C6D86%40C86%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH96C6D86%40C86%5D4%40%3ETar9EEADTbpTauTau5aa3%6037c3a%60f7d_257b62cb_f5_h5fh%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=5.00&callbackName=__verify_callback_496722898860
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 235f932738eb99d01f5ebe8793b1b8373794816524102a9cae732baea79ad8e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:23 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Connection: keep-alive
Expires: 07/06/2022 23:34:23

GET
H3 200 yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 0751 36 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 12:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13895
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 12:40:04 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 66B8 0
319 B 21ms
21ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=3e6e3c89854b4928b1c15a38aed990d4&vfdur=27&cbust=1657236863147871
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:23 GMT
Vary: Origin
Access-Control-Allow-Origin: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 07/06/2022 23:34:23

POST log
protected-by.clarium.io/ Frame 66B8 0
0

POST
H/1.1 200
OK log Show response
protected-by.clarium.io/ Frame 66B8 0
337 B 67ms
66ms XHR
text/html 3.120.67.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protected-by.clarium.io/log
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.67.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-67-34.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 07 Jul 2022 23:34:23 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
Access-Control-Allow-Methods
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 20

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 91B4 1 KB
749 B 19ms
19ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36491
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 08 Jul 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 66B8 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 255248acea88c804d261a88cc5b24295470fbd9a7859b9311e8c8a84428b13b4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91B4
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEB4iLtrM9g9o69dZKkErc3g&google_cver=1&google_push=ARnp8GDc6e687tAW3Ch9dtKgUNexCjD5y9pW0Bo_fta2DU5_U-7T8JcLyGJ9Of4VsCUOUbHd3SDv3seVqe3hKj49...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GDc6e687tAW3Ch9dtKgUNexCjD5y9pW0Bo_fta2DU5_U-7T8JcLyGJ9Of4VsCUOUbHd3SDv3seVqe3hKj49rcYnySoQ6cyAEw

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GDc6e687tAW3Ch9dtKgUNexCjD5y9pW0Bo_fta2DU5_U-7T8JcLyGJ9Of4VsCUOUbHd3SDv3seVqe3hKj49rcYnySoQ6cyAEw

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 07 Jul 2022 23:34:23 GMT
Server: MT3 4475 c1dc35a master cdg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GDc6e687tAW3Ch9dtKgUNexCjD5y9pW0Bo_fta2DU5_U-7T8JcLyGJ9Of4VsCUOUbHd3SDv3seVqe3hKj49rcYnySoQ6cyAEw
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 07 Jul 2022 23:34:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91B4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMiqG2jbzVgP_-YnLHHUc_w&google_push=ARnp8GDUa2rjf4HxIxmGnEZ4aGgM_slhQqoZJwZbpCPAcU7piG0ReV-VaN...

170 B
188 B

29ms
29ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMiqG2jbzVgP_-YnLHHUc_w&google_push=ARnp8GDUa2rjf4HxIxmGnEZ4aGgM_slhQqoZJwZbpCPAcU7piG0ReV-VaNi4t7_ZZ7i0D9OpLPDuJv2duntH62hUTd6twrCGYkHzsQ

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1657236863.370505,VS0,VE93
x-served-by: cache-hhn4036-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMiqG2jbzVgP_-YnLHHUc_w&google_push=ARnp8GDUa2rjf4HxIxmGnEZ4aGgM_slhQqoZJwZbpCPAcU7piG0ReV-VaNi4t7_ZZ7i0D9OpLPDuJv2duntH62hUTd6twrCGYkHzsQ
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 91B4 0
191 B 121ms
34ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESECoZ54AmgoZWNyAMhJgUkNE&google_cver=1&google_push=ARnp8GAdVb0S-KWm1gf-7Oi7UslpUeRgZhqD9A7rXfq2xPKzgy518eNNlwQ0SSbiLh5w6IT7A3hBPBBlV7mrEQ8ZUg3dRBM6Vl6PSg
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:22 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91B4
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEG4yM7v6L2OWWstggaag7q8&google_cver=1&google_push=ARnp8GA8JysVI82r9smA9Ww2BiRpOPVcYIkV7s-6FxivoeAm8KnFpJfstNLz5QgsMLwycuw4JTWDxAdVvgn...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GA8JysVI82r9smA9Ww2BiRpOPVcYIkV7s-6FxivoeAm8KnFpJfstNLz5QgsMLwycuw4JTWDxAdVvgnc_FPq36nj82h3Lr5B&google_hm=i14LRjwDSQ2-Ev7GxuJ8wBQ

170 B
188 B

36ms
36ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GA8JysVI82r9smA9Ww2BiRpOPVcYIkV7s-6FxivoeAm8KnFpJfstNLz5QgsMLwycuw4JTWDxAdVvgnc_FPq36nj82h3Lr5B&google_hm=i14LRjwDSQ2-Ev7GxuJ8wBQ

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GA8JysVI82r9smA9Ww2BiRpOPVcYIkV7s-6FxivoeAm8KnFpJfstNLz5QgsMLwycuw4JTWDxAdVvgnc_FPq36nj82h3Lr5B&google_hm=i14LRjwDSQ2-Ev7GxuJ8wBQ
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 91B4
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEPxttIzDVvxMnZvtoCctOgU&google_cver=1&google_push=ARnp8GBTjZWK9nIztg5bT3Hb0Ha2EoaqfKs35DOO1gF1ysuRHFuMlM3EaNPXHr5Lw80Llzo9PWHQmj8X...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEPxttIzDVvxMnZvtoCctOgU&google_cver=1&google_push=ARnp8GBTjZWK9nIztg5bT3Hb0Ha2EoaqfKs35DOO1gF1ysuRHFuMlM3EaNPXHr5Lw80Llzo9PWH...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY3Nzc4ODc3NjgzNDE5MjgzNA&google_push=ARnp8GBTjZWK9nIztg5bT3Hb0Ha2EoaqfKs35DOO1gF1ysuRHFuMlM3EaNPXHr5Lw80Llzo9PWHQmj...

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY3Nzc4ODc3NjgzNDE5MjgzNA&google_push=ARnp8GBTjZWK9nIztg5bT3Hb0Ha2EoaqfKs35DOO1gF1ysuRHFuMlM3EaNPXHr5Lw80Llzo9PWHQmj8X6nd8J_eAuFAOn148auCU

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTY3Nzc4ODc3NjgzNDE5MjgzNA&google_push=ARnp8GBTjZWK9nIztg5bT3Hb0Ha2EoaqfKs35DOO1gF1ysuRHFuMlM3EaNPXHr5Lw80Llzo9PWHQmj8X6nd8J_eAuFAOn148auCU
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 91B4 0
75 B 137ms
31ms Image
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIzeO-Ra2-GN944NL-zB6d4&google_cver=1&google_push=ARnp8GDA5_vHCBy1b-ENYHCjngxXpGms4ONtlTcpc8eBkkueXbcuYTwIxebZIwj0XZQ57p10OJQ0-RNXBMz1vRts5J7fJHX5St0LiQ
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:22 GMT
content-length: 0

GET
H2

200

/
onetag-sys.com/match/ Frame 91B4
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJWUlXY1_bQxaKlLfP3ZtRk&google_cver=1&google_push=ARnp8GDf7eNVr-C1XGDpwJ9XEmSVJLQPesosnSoJ0X1FZbrZUXDM0wSM7vnyTHxhb8YeDNKeYkMpAFNVUfv...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GDf7eNVr-C1XGDpwJ9XEmSVJLQPesosnSoJ0X1FZbrZUXDM0wSM7vnyTHxhb8YeDNKeYkMpAFNVUfvLDRkgvIxvmDrS7lrAtg
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

20ms
20ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 91B4 0
12 B 27ms
26ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ITq3oWOHRgj2DdVNiuiX35eelIO4BE11WVzfUROeW_0jJi0BXcfysTX9qJqZKp3TqEQ_upBA

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:23 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C52F 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszzajpzgSt8hSQhl1pKHrdtS5PYnWGDtXqi5WbXZaup53e3TuXlRAAv7M1MrwdMdUZssLMDtAZV4p5SbydFFSPH2-wLj0gNFg97MLJZqmD-VvC56L1NGC1pDS3BH5MlwxOV3vnBuc&sai=AMfl-YRFrnSvPngjfrOuvInUv4LB1ZICHqz23T5SsRmhwOwGJJBq2_c9y9OIJXu6LSBUpcU3sxOH9slDD1nDuGG4RvHdZeDmHLE1jK9umdh_JhrrLFsjEHdY6b7l1QIG3iY&sig=Cg0ArKJSzCudmg6_Q7IfEAE&cid=CAASJ-Rof8RtOeaxqguhTxYoBAQd3sSu-BBnOm1YLp4l5eYfXuFV9YPU8Q&id=lidar2&mcvt=1001&p=516,469,556,510&mtos=1001,1001,1001,1001,1197&tos=1001,0,0,0,196&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1561093687&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657236861608&rpt=536&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0751 0
20 B 53ms
53ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNDdlf23HYoqPA9nt-gbQxbrACQAAAAA4AeAEAg&bg=!pKelp-PNAAaLlKKnq5Q7ACkAdvg8Wsyo4RxBYQymhX3WvGoEo0GsHP3bdK2vRAVwhXhwHi5LQjfcIgIAAABUUgAAAANoAQeZAug4hlbrbZpN368Z3rjlR4bchO8YSiLMWmr2LMsbLX3J73Qv_je6mtd0w2GiKpoBx7gSNOBXCZsuDMaYv34KnR0XSIxjUbE8v6JYu_UbCY5BIHnP1I_-woonAMVgeqyzIXF5XPmJ_wuJKZug6ECtJt7zII4i0i-6BtLHt2UAwq-nRlNcR9KgwdFzuKG8QTyklrGXPKC2ZB_XPMNkSfdM5JHXhFxjTNlrOxU3jYE62x3iam2TQRQxsu825JKN0SdgBbqZEBtRU9GsCa78H9rzlArobI_WxE0qCQWdnbLBZeQDXwQB-2bXPSu9NDzipDwv-HkMTE2fQz_MlJDJa-HESn-6wi45-8OqCDzFDx-XjFca-0BYeq6kT65P6vheUTkYEZI1STl65KTu6JoIHAT58pgy0MvHz0rnlPclSyrUETNEHqB2zYkXpAQv9Ad6qKwlRhVjCG8WYEJvfeeBmLlshSgOX2rQMEYiX-_OahvF0yta6G2ElDdmA4hBiJtkQ92nSfCs_YYWUo4oqTB26faUp6iQA5bVp1EbyybwEPmervTbRIWkTjJn7TuqQQD0b9v_izNUfn_3g8aKp5GSd0IfISbQ4NqPlnur_uXkApeHGZqkrzNxhN9IOVs0XFdEXiEZnDU6kbK_IyFCrZ-TMaJFrb-1Q9z9mwL5Mr_bmd0Oo2COLMoUDLts1k0qQqyOYcQZspD5YO6OCt3MiB27f9oUE0YD-Uvs5wUniMxC-x7Ui5A5dVlBlrxCivn1lT6lgRPXEXw1A_jffud7YVkEBMCUG6mcBXWcqfZcrmmBOSaNW7ntQj1gmMo--Sof92NQfXqddht4xYhc6MmiqCrqbxkcnXizgquaGplFX8AE2KBQwYN4b0_g-yfDj9WoqOm2L4tSRxcOSzQzDt6QVnd154rqRLdyX2MP3ClQiCY_9V1Kq8V0cpxz7X8YRkBWacw_Tx1uCYWMysUKa5GxynbDXi1s2VQ7Hw6vVC4zK5Y

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2FDD 0
0 58ms
57ms Fetch
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CS0ZnfW3HYuWXDIzjgAfl16SwBt-Dlehqiq6hwbMQ3NkeEAEgpOT7ImCVgoCAlAegAcXqmbkCyAEJqQKi7zyoXQqxPuACAKgDAaoE6QFP0LFrurxFUITEnGbEJkPsxrazn7yum50XBrnUXfaC_y93S5uCt4-OTw-IjFK1fJVtLOjXfb3P_yJNRrSWuUgkkvaFj2D6Vqnr25g-T-M3mlXRBqIlFCZ3PfCck2LvqwCrAqZkMtegH5RM1fcwO8XH5bkAbETruUX1hHEgSFpqgW-IEIwyymxuuyewPO7Z7O0O-26TpBXc7_1jqST-gnWkO9c_2ViLvHaatYRhFZS_Ct0iG3hhqboEDe0xxyIonvTOeAnxWrCCmbzA4GpFJdKeepYW_JsxD-OrFGJvH_gbl3-pAd94o_poJMAEgPvf9IME4AQBoAYugAejlebGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENydI9IIEgiI4YAQEAEYHTIDqoIBOgKAQIAKA8gLAdgTA4gUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi0zNTY1Mzg1NDgzNzYxNjgxGNyKFQ&sigh=wmQRKpK4FRg&vt=1&template_id=419&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2FDD 42 B
64 B 65ms
65ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvewY3jo9hs7o1laD_yxW51sKdw2AdUfrONCJQmfI1IjzJ4IxWYAjtR4kneebXR2LpIAdJW8we-bRZ-6OXUnhRMtuNZgOBmhb6PGUB5jIEULXuJbW2pv4dNloSm_BImviJDzpB-Qxm8gFScOQj0RXbzJgpYZCjD5PG0Pw&sai=AMfl-YTX64HUmkN2REiBbxTTQs4m491TnmnnGQYxip3DBT0_0AVOoVvDjt8duIE5LlgFJTDbb61NBbA6kMSR-gRrhVFYpRqnQ0NtsSyMsOsP8nSpoCAI0bcdch9lwNqvPtvN&sig=Cg0ArKJSzDbi8f0o1tNeEAE&id=lidar2&mcvt=1001&p=843,946,1093,1246&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3345730538&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1657236861632&rpt=733&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 35ms
35ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022063001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22c36e25c3465048bdd6cf355406ba688c423d3ef7b95b60caeb716939fda79c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 23:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10496
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 23:34:24 GMT

GET
H2 200 numbers11.png
www.wheresgeorge.com/includes/odometer/ 1 KB
2 KB 143ms
143ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.wheresgeorge.com/includes/odometer/numbers11.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b925fd0ba0388372309bb41e931b81d430d8331b28f0eaf756af46c8f9d00b6d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:24 GMT
cf-cache-status: REVALIDATED
last-modified: Sun, 04 Aug 2013 00:21:49 GMT
server: cloudflare
etag: "5e8-4e3142d7f2140"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eXRi5hv8CWOfrfyj6fnDOwI19dWb3BMjB7MXOJ16OIjb6hNSR0GPsYdxgP7SVjuDr%2Fr7YW9jdc9k4WL1rrZ9ma61CDDbq0CrLT%2F97vvgkd8htlGqKLwh8RLfx6zad8LX%2B85fbHKuzfHr9ubdlm%2FhiSZB"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 727464005e6e9bef-FRA
content-length: 1512

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B3A 13 KB
5 KB 19ms
19ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 19:30:19 GMT
expires: Fri, 07 Jul 2023 19:30:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BD9C 783 B
533 B 29ms
29ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cbb03f50a14117181c4c8c8b846de53885db37294c71a8414b2676f894015fb5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iJMywyOdcb2u9pvk9qsLOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-iJMywyOdcb2u9pvk9qsLOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:24 GMT
expires: Thu, 07 Jul 2022 23:34:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pd
u.openx.net/w/1.0/ 43 B
131 B 41ms
35ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:24 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
42 B 98ms
26ms Image
text/plain 198.47.127.18
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=159745
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:23 GMT
content-length: 0

GET
H3 200 yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B3A 36 KB
14 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 12:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13895
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 12:40:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BD9C 0
0 66ms
66ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022063001&jk=908605324964748&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5B3A 0
9 B 19ms
18ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BEDXRw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 66B8 42 B
64 B 64ms
64ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthhzHq2u1aXCzIvoTcnuEmE4O4vORqON3cpe88sPyCvKdJR9mHbTwHEVjKNsACcRhbQ9r1Ee9AWNY0SB7Xkj3hOUIZZdd0nvWFuyLBwiqfH8_miQRYk0EsB0FJxz-xT8gLy1m81g&sai=AMfl-YSTfLZomExXD383Pv5-x50dQgH1h-P-q_KT3cf5gd_cBS8yCRtycFZhiOE5VEgiEuf1l8hF1FnAFZH3opXNpiEhCxqbBmCZ0vZWpslfeZ5hsC4UqmIPNsl7t1sQ&sig=Cg0ArKJSzEVYdzt4F2l8EAE&cid=CAASJeRojrGgGQ-UVQD-2Ug34rai2Tl9SPa0X1SQQhBJJ4b1gRZtL7k&id=lidar2&mcvt=1000&p=0,437,90,1165&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1253105972&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657236862917&rpt=334&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
27ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wheresgeorge.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 23:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wheresgeorge.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 23:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 299ms
298ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=908605324964748&correlator=3251246881076428&eid=31068364%2C42531608&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=170737076%2Cdisplay%2CWheresGeorge%2Cwheresgeorge.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C468x60%7C970x90&ifi=5&adks=1253105972&sfv=1-0-38&ecs=20220707&ris=2&rcs=2&fsapi=false&prev_scp=auid%3Dleaderboard_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse%26confiant_refresh%3Dtrue&eri=1&cust_params=pub%3Dwww.wheresgeorge.com%26path%3D%252F%26didna_version%3D4&sc=1&cookie=ID%3D947991643eba1d8f%3AT%3D1657236861%3AS%3DALNI_MZbH161nJJq9DGnYa704JBQ03ErMA&abxe=1&dt=1657236864425&lmt=1657236864&dlt=1657236859553&idt=822&biw=1600&bih=1200&adxs=437&adys=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.wheresgeorge.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=969x90&msz=969x90&fws=0&ohw=0&ga_vid=526263631.1657236860&ga_sid=1657236861&ga_hid=259042230&ga_fc=true&btvi=0&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjK547YnTBIABIZCgpwdWJjaWQub3JnGKLrjtidMEgAUgIIahKTAgoOZXNwLmNyaXRlby5jb20S9wF6MXQ0bVY4NVRIaHJla05PUms1cFpVVlRKVEpDTkRWT2NuWlZRbmRPTmtkV2VEY2xNa1kxU2pWMVVIWnFUMkp3UlZwaFVXSkNjamd3U2pKcVkxRXdaSGRwVkhWdFoweE5NbUpaU2tGcmRtRjZhSFZIVjNWNU5UaExaV0Z3WTFsck1Hd3pUR2xWZEhwRlJEWlZlVmhJTTFGWmFYRTJkMHhUUTFOelluZ3lkVEJNSlRKR05HTkVhRVpFWjFwU2RYVXlOWFJOYWtKWE4yOXZhbmxXZEhaS1RFMDRVWEUwVjNSc2RVOU9jMGRWZGxaSGIyWmFSMk1sTTBRGPPtjtidMEgAEj4KBW9wZW54EixleUpwSWpvaU0zSTBZMWR5Wmt0U2FrZDJURmRCYWxWMFdta3lkejA5SW4wPRjT6Y7YnTBIABLCAQoIcnRiaG91c2USrAFlclIxZXQwRHY1R2xaK3FqUHN4NVFQbVcrakl5V0hBdmVsNkg1Y2x1MzZRZko2MkVsTzRLMUxMUms3REFtR3BLYjRaT21MaXoySEJRTW1Xd3d5K1VZbWtneUw1bGN0aE9xaUhRWkdlWVY2SDZmNmlPb2dDSVJBeU16VXVwVGlsSFZpejhsRkxNWnRRVnFsL1J0d1VoQTFyT1JaRUZzR3psUloyWEwyMDRmREk9GPXnjtidMEgAEhsKDGlkNS1zeW5jLmNvbRjO547YnTBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

638cfb0d2fd292f4c4a16b104c18ce0e9a6626319a40997e3aaddbb159cce44e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12560
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 71ms
70ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022063001&jk=908605324964748&bg=!S0ilSAzNAAaLlKKnq5Q7ACkAdvg8WrE-6nbEM2JLecEgDUiraCQEfhZU0FYm_jh6MnKqwnJNSez81QIAAABUUgAAAAJoAQeZAp638Fye-X-UdBDmiqYwKoVAq1JfOrgfQ0uryi-DRHGjvRtKnvqfI7TM1HTKURHkchctoAHUmjOCzTuk1JrsXuy2wyi__fhl5gCt_EO-KQ_9-Ve0EjTV05Mo7JSJsEqA3paBkxyZ5UdHmb3T8_0xwdZ8fiaP_OU9kFsLN3iDHx2zbEA9DXp_-pamDVxvFHYc5m0v0Z_YAxaCzQGD9b-ql2cB1688qC1bRbKuGQj7nSByHpaCsSwwa6hqgEZ8ZGQTOPBhG-fSrlZKY5CmsPJhOGr3NDq0MnKS2vxEBXSteKHSjyjPthwearyEr3coVvd3q4NR4ZClLrJH8XurO3KyWq8z8O0oNhzbCWIMua6BjcU2uMjzKwf2m1Nip_inolDTq9X1-BB94UIDBeItBpEHtA8Fm84QBpehUwAmZgP-5GEibN3jADwR0_xnQU8GtKU2DMfynqhyJIxTzvRXF7BkpXpGzLIYE4Vn8LWEw318lFUkRueh39pKn-d7zKVDZ9eIlww9496PFv5hZ_zcrXNfzJf5KINotcEO3hZyY2vutTxRDzKKTi1nnRX5-k1x68AC0l7z0-lN7-DrAnPxeWEdhXAmehDc6bayUWLmE8DOhOHl7aGwSoZoL9bFhGTbZ9O6cqeIFIy0A-U0GDr-vuMb6RDFR3yYV127hwnyrhNNeRSQwowMckUOs5wBLIn_ekH_VPUeVJMEv8-opZGn8Ja1_iaOHBqVFiXZbdR3zVsZps_GkYISe1IBfuw_Cx61zPleQohqJ3T3YHwpcmz3xKENe0_GqCTH8rUzYja4hPn0q7NHpM0bloLRQq7bSUcsvoL06tY08uLLyH2lalHQuN4eto53zpeUugfib-M4odYq3Xwn7lqVbHF9_34qnkDDI918
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 66B8 0
0

GET
H3 200 container.html Show response
d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E8D0 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202207071418/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:21 GMT
expires: Fri, 07 Jul 2023 23:34:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CDA8 640 B
316 B 30ms
29ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNWIBymmAMXQrLKmtbvTG09vQKCQDs9DQPHdNB71tz7hVbh-DZ0urkmW1ynQj5zX8C1MCnMt95DI6_44LL5Jk4w2xpN72v7mLP4-ctRrhvhChPVKkvwSoCuyC_Td0MbR9hZVD31aGlPqMs7WxpZGEZokmb2juuMeIxNYIcRB5Y3lnAAijhQ

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E8D0 14 KB
11 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqNEPohb3Vg7jmd-wmbo1Ps1oJ15Fc7kCsGShvzTivYRO0yntcdUnynRwD7hw7XG8A5MzULiTw0hYLc6yrOqyuEEKQYzT5HMJMnrzDyZ0_zTHjTE288vURKJcO5DwUveuDuwCvppXDp-QSie3xy3oUWjApCg&cry=1&dbm_d=AKAmf-DlN52OqlQBJOb6feRw-bBmWChPM0pmIWrRO-fLhSbnPHNAzmeRajctXW28TaEUCwlAgo46ER8YW0yPOINaA42PSi14ghSZssaXvi8frsK555WfOhqPMnxQGjj1P_2SHcHqRW_s1zAcMYhno9l2_T8LKHo4Aot-c1tRUasdBUSzfXQnSvX5B4iH9v_b0j53wrdRySJjcHWvyPeSuaAJ3-U7a-YmSF5yIFDGncbrAoZRTrDq07AlUXxzijc7TLRUKPm2Kdjp8Lbgu0u5-xIi4mo10hoxcU_a3WaJqEIq0_R5RBKNmngtiZlo8O4ZvUTWJdye6hR9vg6XzkZKBtXXLUqwB872A906tiA2EZmvCUtsnkO41HQF-XryIMo7eU4PX5NFIPGHm5E1y_N-BW7hXqZrnNUfNaVc3H344qMoZ4ORsUpH4KAr_EydIMRuKVkIHhSOUyv-pLXyl-dmHKbWXZD5mkHbNQgY2CngTXNvpkI5scm5CdLrpjgLd0Dc7e7xQ3YDPTLCn6DrCEa7xVdTInyL45diAqWJWKyQGESFfBxzpDGvOk9Tii4L2Ux-1Y2PoEAXdpZ3VJpsZ0SBX8nEdmGceGJVcO2i9mLnc5Z9myu6ulBsq3M8PvdUlcZCywkhHjF9_RER38QMQqTB4oKAk3EEQ8U37nWat91YBqdmmdOsy_AvCjDmnaKZLjlh_k0FndaEyTsQXHQFDxnvKWDHWfn2zF4dY24JrT5vOIBfQWmJOUzOJEgIa_7UeVcby3HJIpCr-jrkyutUqTfO0cBJQztR4EhMvlye2eHWCuIW54YVH_fWlXrQ9PvD4kfK3J_1YuwegHSwoaPc8wJCQMnX3RGXktu140Z2c-P-5Jx27oMgcfHU7SGU2WqKA448vt2aUNQsQX-MDB8F3EgD_1fqQMFEcEt7sXLr4Rzm8r7G03Y6_ZpwcR5gj168ENh0ST5JNK4VC_M0YQdDJ8t6c0b-4Iz_L4xz_Yg-oCVtS_A45KarKvp15kgwQ-zbvKR4Y0Bg3DyG1lUWeidMuB66vuW4FN8lNFRk2JNeoll92sx_ZEqBLiIaV_wzsy8VkQrkU5upAkPNYIpOYzI2tA0pUrrLaaW9fWu4Sve3OWGrJiMWD4m3AqtoXTVnxQVE7tpbnmt_jiHsioa1lddZ5fr-9lpN5d-9sJVfIHiQ-71T_IJUcP6ni84TKyAJqzb9UIlVAHoNZBIM4IaAww6hqr-Kfohtf75GpUZ4rJEFjXYNoACvNxr4951TxFwQwodhabGq_4pMRg7kXbULSdppJ5eHjgdtfHbrem69hh76bHT9GhORGMyLuw8L3pmt15oowK6G7_qG6aEtpNbwjRakTa4xNBLrfoKn6oMcHeFSoPfckUYl_qzn49RzLJDmPA523QWePyBTPtGV2_ZM0MMhQsc4znLReTFSAafVX5EyxWA2FfVE5q5THr_uq1TpWMIU7AVdVJpaYIucLvRneNmyQ3WvDOtMGrXMX2OuDlQ9LXm1X4GYLefJdFXSIppXwQVyObg05JpH81HvVRiwXluZ6JyysCU4oydujP26DZgc6BI2h7V5bQW50GTbLIiLJFZh93sdtShKRVA1U0Tuu9aQnfid0nQyRUB002K6tzcCWR59YfNwGHeUoLTEPhow4g6Cfe6iGQUN2s4sIM_JPG0vwvy8l23IK1HJpN-HdT2165L-dGPUVrqIWPGVfXcch_aYSQ_PRXo905c5dc8rnO6p8wqNOzXlOVEe_WXNCZEoyLIsUSr_-4Nezr6icDOmoWAMjIMVNOjtpWP0e7c20gwr20a_K2ehvaTgIaOk4QHna6SYyW58U0XMajErAEJaatQDEvdsUQLe4a8O7J_EQzGd1NUpLUA6OcdDHTJwm3AcQA1mBiP-yqYTpQsX5BTg8PsENyDL1cDrtcaVh3H8kwvHANrw6HTzZHZNLfXoAtepIYFLaoS1sUJjFK7einnzDo_UHe321FrZBcl-iLJ0Fe69o_Z9YlNLqADZ79JmvdltAvam596WCaxvdfvIX1U2tc-cNT0FZKIJOlnGPURrcBUWxPMEXswrOVzNeq58-RhdTge3Hr4ZENrYHLON3e3voYshW-YpSaiAMtqkBjucU0qVW-CxCfq5SbpPKk3Abic3r8ei_F7IFlqbHh1RYFd1C4vQKTqpExWg_Lxyymi3StvMcyluJHBlRKRnQX8qCVckkxEq_J-UWYkPJbcDyvsCByMClfInZdZ-sCt9rSx1Ua9BbcHZ1KlR778-u7zUleT216W3Y_pxXrip0nJ9cfPMxJKfB2_XWOwEEytw392z04ZnMRxWFulb5PUDCPH9w6QBwtqTin6w9rKjNtsLN4nfNM6I0v8F6vMWWfmMXJTYO1ErKN4mT9handrIn93jup9oouGlFws4dXIBbRoMvxKo6lipBhVxCp6QFt241optNY-tBWy5ks0PXMPQClaA25Qp5LLyjzBO7lbI0Pc2udjIqn7BNE1ji38XkjPfdaqVF4vldLPrQJ4as0-bGoCtQYPuVDAhEdnQEb0fBr72wH0SNSwNZ2sA989UneGI2aFWmZV2nhw_uhfdjfbWwjLXgxk3y8IUceh8b24ncfh4D_izOIa9B-CfIJo9sywlzNv7IkaxBv08jNGeF6HG-o3Nx3ooqwFvWumft1QJuYM-1_WRmoheA8QH2kfCEi0QoZL1cA3Vw5GMMUnjs5cFrGTOtOmX_QJXKYKPpM_PG6pt08o&cid=CAASJeRon_r0qMkc17IorHNKmGlCHz1Ke_3qneJs9cIE_QKdqkFaobU&rfl=1%2Chttps%253A%252F%252Fwww.wheresgeorge.com%252F%240

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5b8de4e2cd40384a91cce39499893003b38be1a9504251dfc8339f2d78b1944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10821
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E8D0 42 B
63 B 53ms
53ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AfF8ptuxJgqnU34FScKzutCZHxm52hulLJCKXrJSYckZX0wWKZroEh6v-iPJ_WSLRza4vZ6ySoZcQT8sdCGVjWql4A4Z-vOObx_VvDTveRmHwMzi0

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame E8D0 2 KB
1 KB 21ms
19ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25719834&cmp=27916106&plc=337305812&sid=5829972&dvregion=0&unit=728x90
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 23:34:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:37 GMT
Server: Microsoft-IIS/10.0
ETag: "fcf82911d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame E8D0 3 KB
1 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/window_focus_fy2021.js

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 22:51:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E8D0 137 KB
42 KB 34ms
33ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 23:34:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame E8D0 17 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3435
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 22:37:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E8D0 0
0 27ms
26ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQlePcwNGdDokv1M8vWGC1hNmCxv2oNJlPIqKKl34loXQXpxCixnvQ-dpT--Yw_DZd11VixRIwYRBd8WCqHysDrEgwTHA
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame E8D0 68 B
345 B 25ms
24ms Image
image/png 3.120.67.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_TWJaVFFTNDk2RUI0U2QyN0lMVTRyYkhYbko4LzIxNTQ3NjU3NjE6NzI4eDkw&v=5&s=v31g7dg7fpg&id=eyJkZnAiOnsiYWQiOjQ0MDI0NTQwNjUsImMiOm51bGwsImwiOjAsIm8iOjIxNTQ3NjU3NjEsIkEiOiIvMTcwNzM3MDc2L2Rpc3BsYXkvV2hlcmVzR2VvcmdlL3doZXJlc2dlb3JnZS5jb20iLCJ5IjozOTEwODAsImNvIjowLCJzIjoibGVhZGVyYm9hcmRfMSJ9fQ%3D%3D&sb=undefined&cb=1895079&h=www.wheresgeorge.com&d=eyJ3aCI6IlRXSmFWRkZUTkRrMlJVSTBVMlF5TjBsTVZUUnlZa2hZYmtvNEx6SXhOVFEzTmpVM05qRTZOekk0ZURrdyIsIndkIjp7Im8iOjIxNTQ3NjU3NjEsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.67.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-67-34.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:24 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CDA8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEEfJhEBvqhCGMS-tw6d5ys&google_cver=1

43 B
114 B

36ms
36ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEEfJhEBvqhCGMS-tw6d5ys&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNWIBymmAMXQrLKmtbvTG09vQKCQDs9DQPHdNB71tz7hVbh-DZ0urkmW1ynQj5zX8C1MCnMt95DI6_44LL5Jk4w2xpN72v7mLP4-ctRrhvhChPVKkvwSoCuyC_Td0MbR9hZVD31aGlPqMs7WxpZGEZokmb2juuMeIxNYIcRB5Y3lnAAijhQ
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:24 GMT
via: 1.1 google
server: OXGW/7f1e280
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEEfJhEBvqhCGMS-tw6d5ys&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame CDA8 43 B
120 B 43ms
36ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNWIBymmAMXQrLKmtbvTG09vQKCQDs9DQPHdNB71tz7hVbh-DZ0urkmW1ynQj5zX8C1MCnMt95DI6_44LL5Jk4w2xpN72v7mLP4-ctRrhvhChPVKkvwSoCuyC_Td0MbR9hZVD31aGlPqMs7WxpZGEZokmb2juuMeIxNYIcRB5Y3lnAAijhQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:24 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame CDA8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEJ5vKFSKdjY1N3wXgfPN170&google_cver=1

23 B
172 B

108ms
49ms

Image
image/gif

23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEJ5vKFSKdjY1N3wXgfPN170&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNWIBymmAMXQrLKmtbvTG09vQKCQDs9DQPHdNB71tz7hVbh-DZ0urkmW1ynQj5zX8C1MCnMt95DI6_44LL5Jk4w2xpN72v7mLP4-ctRrhvhChPVKkvwSoCuyC_Td0MbR9hZVD31aGlPqMs7WxpZGEZokmb2juuMeIxNYIcRB5Y3lnAAijhQ
Protocol: H2
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:24 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 07 Jul 2022 23:34:24 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEJ5vKFSKdjY1N3wXgfPN170&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame CDA8 23 B
172 B 148ms
51ms Image
image/gif 23.35.237.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNWIBymmAMXQrLKmtbvTG09vQKCQDs9DQPHdNB71tz7hVbh-DZ0urkmW1ynQj5zX8C1MCnMt95DI6_44LL5Jk4w2xpN72v7mLP4-ctRrhvhChPVKkvwSoCuyC_Td0MbR9hZVD31aGlPqMs7WxpZGEZokmb2juuMeIxNYIcRB5Y3lnAAijhQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-56.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:24 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 07 Jul 2022 23:34:24 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E8D0 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:12:47 GMT

GET
H/1.1 200
OK dvbs_src_internal107.js Show response
cdn.doubleverify.com/ Frame E8D0 55 KB
18 KB 25ms
24ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 23:34:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:50 GMT
Server: Microsoft-IIS/10.0
ETag: "0f7cd18d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18120

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame E8D0 1 KB
901 B 45ms
44ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_951009124167&jsTagObjCallback=__tagObject_callback_951009124167&num=6&ctx=25719834&cmp=27916106&plc=337305812&sid=5829972&advid=&adsrv=&unit=728x90&isdvvid=&uid=951009124167&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=4.70&dvpx_strhd=4.70&brid=3&brver=103&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH96C6D86%40C86%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH96C6D86%40C86%5D4%40%3ETar9EEADTbpTauTau5aa3%6037c3a%60f7d_257b62cb_f5_h5fh%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=12.40&callbackName=__verify_callback_951009124167
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 93914405cabd289b9a1c1d654068c930788bf15d875607ea0e4062a625b8aab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:24 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Connection: keep-alive
Expires: 07/06/2022 23:34:24

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 80C3 22 KB
8 KB 19ms
19ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 58897
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:12:47 GMT
expires: Fri, 07 Jul 2023 07:12:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame E8D0 0
319 B 21ms
21ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=306d431ed8d5475ca6ce2f5e3282fb0e&vfdur=46&cbust=1657236865002625
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:25 GMT
Vary: Origin
Access-Control-Allow-Origin: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 07/06/2022 23:34:25

POST log
protected-by.clarium.io/ Frame E8D0 0
0

POST
H/1.1 200
OK log Show response
protected-by.clarium.io/ Frame E8D0 0
337 B 67ms
67ms XHR
text/html 3.120.67.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protected-by.clarium.io/log
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.67.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-67-34.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 07 Jul 2022 23:34:25 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
Access-Control-Allow-Methods
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 20

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DEEC 1 KB
749 B 19ms
18ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 08 Jul 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 80C3 36 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 12:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13895
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 12:40:04 GMT

GET
DATA 200
OK truncated
/ Frame E8D0 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0675f8c5f95aace6fc793cea8f20d35871e47825cdf275c08981a6aa5eaa025e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DEEC
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJxCn01hdqr6s4oNBlaZhy0&google_cver=1&google_push=ARnp8GDYvUd-ubTcqq6VNHtaOICqv1FYRniaiVFd5WLybshhc2_c_YAUq16HSvVIaie54ytrqwKOuWkQNwocLLSy...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Cp36FiKeTeu4mINqbLRGZw2&google_push=ARnp8GDYvUd-ubTcqq6VNHtaOICqv1FYRniaiVFd5WLybshhc2_c_YAUq16HSvVIaie54ytrqwKOuWkQNwocLLSyP7y6tA3sAccnvw

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Cp36FiKeTeu4mINqbLRGZw2&google_push=ARnp8GDYvUd-ubTcqq6VNHtaOICqv1FYRniaiVFd5WLybshhc2_c_YAUq16HSvVIaie54ytrqwKOuWkQNwocLLSyP7y6tA3sAccnvw

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Jul 2022 23:34:25 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Cp36FiKeTeu4mINqbLRGZw2&google_push=ARnp8GDYvUd-ubTcqq6VNHtaOICqv1FYRniaiVFd5WLybshhc2_c_YAUq16HSvVIaie54ytrqwKOuWkQNwocLLSyP7y6tA3sAccnvw
x-host: tde-deliveryengine-production-78dd496b74-k8v54
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DEEC
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESECEGeeCi5uBXrxV2D3Ef-Tg&google_cver=1&google_push=ARnp8GDyUpy4MFoZ1XkEuHYp4cRGowe6tm_stYjrlsz5w9YfM6Z8paK1tob35pKXEPrkaO0HKnpN1ej8vIIgtf0BV8rdaIb...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDyUpy4MFoZ1XkEuHYp4cRGowe6tm_stYjrlsz5w9YfM6Z8paK1tob35pKXEPrkaO0HKnpN1ej8vIIgtf0BV8rdaIbqx2XjTw&google_hm=MTAzMzM1MTY3NDQzNTA4...

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDyUpy4MFoZ1XkEuHYp4cRGowe6tm_stYjrlsz5w9YfM6Z8paK1tob35pKXEPrkaO0HKnpN1ej8vIIgtf0BV8rdaIbqx2XjTw&google_hm=MTAzMzM1MTY3NDQzNTA4NzMyMQ%3D%3D

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Jul 2022 23:34:25 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDyUpy4MFoZ1XkEuHYp4cRGowe6tm_stYjrlsz5w9YfM6Z8paK1tob35pKXEPrkaO0HKnpN1ej8vIIgtf0BV8rdaIbqx2XjTw&google_hm=MTAzMzM1MTY3NDQzNTA4NzMyMQ%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 200 dds
rtb.openx.net/sync/ Frame DEEC 43 B
350 B 82ms
36ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESECKnEhP8vfE7wp0Ubf3n-IU&google_cver=1&google_push=ARnp8GDwY_eUSE-XpWLXitG8XKdKtOXXF-R4c2EMrDsy36oQldl1P79Ulr3aDfmE7ANeMan7xOsX3fgQRcggTp90t0m_FzRrrAU6
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:25 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: i4t2th60r9994t770787b525as2m2n4d

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame DEEC 0
166 B 115ms
27ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEM-v1T3CJrXtbOaU52VEP7c&google_cver=1&google_push=ARnp8GC_JZTPMWhwJcneJUguvt2n-jKpBCeI-F40Yd4ZgvtMU3qmS3wDyf1yqZD-bza-bx4w0zamYBzUF6tHLTKsCmoSojXZj9432g
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:24 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DEEC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEKTC_j-eT3s1H-L3QkbEZ5U&google_cver=1&google_push=ARnp8GAaFFUBeMUibCdJXwrsQBz2rK8LhCPb6XqjzAH_Oe9yIKAjswZ8oKIpifnRDzphLZG5tyK...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCTzFEVEctNi05RjJQ&google_push=ARnp8GAaFFUBeMUibCdJXwrsQBz2rK8LhCPb6XqjzAH_Oe9yIKAjswZ8oKIpifnRDzphLZG5tyKmXnCYuC1sCjYIzXTIiTjwGG7S0A

170 B
188 B

30ms
30ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCTzFEVEctNi05RjJQ&google_push=ARnp8GAaFFUBeMUibCdJXwrsQBz2rK8LhCPb6XqjzAH_Oe9yIKAjswZ8oKIpifnRDzphLZG5tyKmXnCYuC1sCjYIzXTIiTjwGG7S0A

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVCTzFEVEctNi05RjJQ&google_push=ARnp8GAaFFUBeMUibCdJXwrsQBz2rK8LhCPb6XqjzAH_Oe9yIKAjswZ8oKIpifnRDzphLZG5tyKmXnCYuC1sCjYIzXTIiTjwGG7S0A
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DEEC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH-jeZMt9naANx8_gcl4Vgk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH-jeZMt9naANx8_gcl4Vgk&google_hm=YsdtfhVhDKDia9NSK2xVjAAABFgAAAAB&google_nid=index&google_push=ARnp8GCq3Ias4dxKaMjWsxDr2ZMuzdj1PGZFy...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH-jeZMt9naANx8_gcl4Vgk&google_hm=YsdtfhVhDKDia9NSK2xVjAAABFgAAAAB&google_nid=index&google_push=ARnp8GCq3Ias4dxKaMjWsxDr2ZMuzdj1PGZFy-B7yGoQ4Nly14EZ3l4PJfmdjKdLBHripxGDToxd8WqtmQrrOhRHCE0xlHDRdFg-XA

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgCMuudqKyEdhTUU6VCilIuCPVmaMrW%2BugTxXhCNrvLylwlNBp78RYsQZoqhVDcLo82vvicgYHxGP2sJG5mJXj90J44uA1Sawc30o6Lj6ciSpIUUPP698LSmDPtf59Cf8%2Bc%2FAtIYZjdLPA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH-jeZMt9naANx8_gcl4Vgk&google_hm=YsdtfhVhDKDia9NSK2xVjAAABFgAAAAB&google_nid=index&google_push=ARnp8GCq3Ias4dxKaMjWsxDr2ZMuzdj1PGZFy-B7yGoQ4Nly14EZ3l4PJfmdjKdLBHripxGDToxd8WqtmQrrOhRHCE0xlHDRdFg-XA
cache-control: no-cache
cf-ray: 7274640778e96940-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DEEC
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESED...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ARnp8GDDGSckV8_tl-cpXUjNp6A7q6CfKGRlwck7epGbiQg_CcRJZlMAMAhZMaPxy8s93Xp7Pnv5N2lXyJ66oEcwCGnignQokZuH6Q&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-5b386a52-ebf5-4d6a-a563-35fbc90b14af-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DARnp8GDDGSckV8_tl-cpXUjNp...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GDDGSckV8_tl-cpXUjNp6A7q6CfKGRlwck7epGbiQg_CcRJZlMAMAhZMaPxy8s93Xp7Pnv5N2lXyJ66oEcwCGnignQokZuH6Q&google_hm=A1s4alLr9U1qpWM1-8kLFK8

170 B
188 B

29ms
29ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GDDGSckV8_tl-cpXUjNp6A7q6CfKGRlwck7epGbiQg_CcRJZlMAMAhZMaPxy8s93Xp7Pnv5N2lXyJ66oEcwCGnignQokZuH6Q&google_hm=A1s4alLr9U1qpWM1-8kLFK8

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GDDGSckV8_tl-cpXUjNp6A7q6CfKGRlwck7epGbiQg_CcRJZlMAMAhZMaPxy8s93Xp7Pnv5N2lXyJ66oEcwCGnignQokZuH6Q&google_hm=A1s4alLr9U1qpWM1-8kLFK8
date: Thu, 07 Jul 2022 23:34:25 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX5b386a52ebf54d6aa56335fbc90b14af003
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DEEC 0
12 B 28ms
26ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYVEqrvEEKtyFbWCgWfnDunMHYJxQZ6xde53g9GDfuHMCGeiU5IZJA3LeGnEfNqAB36dRT

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 28ms
28ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wheresgeorge.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 23:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wheresgeorge.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 07 Jul 2022 23:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 320ms
320ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=908605324964748&correlator=3865922341816139&eid=31068364%2C42531608&output=ldjh&gdfp_req=1&vrg=2022063001&ptt=17&impl=fifs&iu_parts=170737076%2Cdisplay%2CWheresGeorge%2Cwheresgeorge.com&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C468x60%7C970x90&ifi=6&adks=1253105972&sfv=1-0-38&ecs=20220707&ris=1&rcs=3&fsapi=false&prev_scp=auid%3Dleaderboard_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse%26confiant_refresh%3Dtrue&eri=1&cust_params=pub%3Dwww.wheresgeorge.com%26path%3D%252F%26didna_version%3D4&sc=1&cookie=ID%3D947991643eba1d8f%3AT%3D1657236861%3AS%3DALNI_MZbH161nJJq9DGnYa704JBQ03ErMA&abxe=1&dt=1657236865239&lmt=1657236865&dlt=1657236859553&idt=822&biw=1600&bih=1200&adxs=437&adys=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.wheresgeorge.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=969x90&msz=969x90&fws=0&ohw=0&ga_vid=526263631.1657236860&ga_sid=1657236861&ga_hid=259042230&ga_fc=true&btvi=0&a3p=EhoKDWNyd2RjbnRybC5uZXQSABjK547YnTBIABIZCgpwdWJjaWQub3JnGKLrjtidMEgAUgIIahKTAgoOZXNwLmNyaXRlby5jb20S9wF6MXQ0bVY4NVRIaHJla05PUms1cFpVVlRKVEpDTkRWT2NuWlZRbmRPTmtkV2VEY2xNa1kxU2pWMVVIWnFUMkp3UlZwaFVXSkNjamd3U2pKcVkxRXdaSGRwVkhWdFoweE5NbUpaU2tGcmRtRjZhSFZIVjNWNU5UaExaV0Z3WTFsck1Hd3pUR2xWZEhwRlJEWlZlVmhJTTFGWmFYRTJkMHhUUTFOelluZ3lkVEJNSlRKR05HTkVhRVpFWjFwU2RYVXlOWFJOYWtKWE4yOXZhbmxXZEhaS1RFMDRVWEUwVjNSc2RVOU9jMGRWZGxaSGIyWmFSMk1sTTBRGPPtjtidMEgAEj4KBW9wZW54EixleUpwSWpvaU0zSTBZMWR5Wmt0U2FrZDJURmRCYWxWMFdta3lkejA5SW4wPRjT6Y7YnTBIABLCAQoIcnRiaG91c2USrAFlclIxZXQwRHY1R2xaK3FqUHN4NVFQbVcrakl5V0hBdmVsNkg1Y2x1MzZRZko2MkVsTzRLMUxMUms3REFtR3BLYjRaT21MaXoySEJRTW1Xd3d5K1VZbWtneUw1bGN0aE9xaUhRWkdlWVY2SDZmNmlPb2dDSVJBeU16VXVwVGlsSFZpejhsRkxNWnRRVnFsL1J0d1VoQTFyT1JaRUZzR3psUloyWEwyMDRmREk9GPXnjtidMEgAEhsKDGlkNS1zeW5jLmNvbRjO547YnTBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022063001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

be5f356bf1118905357acf346dc551a233c54b218956c43811bd0d79b80eb84d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12220
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 80C3 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5uopgG3HYtrcM5rpgAf8nKHwBwAAAAA4AeAEAg&bg=!UVKlUhbNAAaLlKKnq5Q7ACkAdvg8WoVBnK_w2Xlw6xUuTpt2fKanM2nvQZi8cYxbH3Cl-Bbw37EaZwIAAABhUgAAAAJoAQeZAulmPWM0xfuX7LT3V-JItmExSyGS16nNzIeKOljL3EfAX1gg-hOPkihZSRpDVsiuOetOByFOeL-2Kke8JNIsVDXPSYca5rvORg5H2hZqTB9BKo71nejpZGO6Oh3Kf3wpGJkomGFyIYAHO0TKiAR74cfPHEEAfVba_GXZvuVXE6Si3D_2mEmOpzXVKqd9F_Tdh2ARWUXmGlW52GPADl2UTkW5pHYagdZ6HlPcXa-9I_wlFU61bS-miB9OM9Yw9eEmyefeyWFDFnV-2rRlUkHAaB2wWB0zfcQllMFAjCkl3C4Vu8Q7LdLUmFj5n08y2BTvQWitc95aIynBi0o-1AeBuwxDo6X5zY6XmqsgPIbFiBHa-39n7ZHTgbALU_5oJv3aMPOUw2_JsZL9ZgWeQOkJOe4PoVJfuHuMzn0peFU-PdXQvLFPRCz27Q6oyR1hGkwSzBTVLGTNir1CkDQDPJR4neWKAdqrBnOiyACbv4odcJB15JEMThHuXlxsTk_FC5ilQdETIhYyE0uNM7DEF6Un1vlTbxXwQSgOX1dduj8C5WyaQFtzBaaEaWp8FN5PzVBD0VOmm6urxNMFKxQGapy3z9_PAvba84PBRWK8Xd_bT1GcOTEMsgHyjnhQDmATWnclp20s3NIm8p_i846eD9F4fwXDLb8PFM3_pz94T9RZGCZ9h5qjP0RstvK81Ysu3fOXKW38HXe-XdXNjU5uTwFDxhljM6NqddbOvogLfCnH32zf1RgrXjp2g34BOJg2E6qEWgnR7LTkNzB_wWjeDVMdKpEVC662Vf0EEmoS7snkEj3WvDM91LiworjGTfycTLwYWzEI5eoLUqXIHW2n0ohcldhfaNmDZw6jdhsWcAYC3kPbMdNJTwpPt9pDOybLuLjDoRKKCdAiF4EFsoBtuy9PysUVDCc-qpPDs0exgMiRxnLGETgJaAlnWEaFRuCVQQ2Qi2-F0cJJcOVqleUEnzUvoODjKfq18UPgDhey

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame E8D0 0
0

GET
H3 200 container.html Show response
d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ACC6 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202207071418/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wheresgeorge.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:21 GMT
expires: Fri, 07 Jul 2023 23:34:21 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 43F2 466 B
301 B 30ms
29ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNUizk8maXQx3y-D9WzvmeUJprX1AdaxAALcZ9BbuFXFvnt_NCz9TSysWzE4LKJnt5Snyx20u24ZqYE4IT2WEJOKpjQoPagbUPVx9X5eWMZ5PlyaHcAF8IA0i7NlXE2Jeb1I3QBjVx8jVHdRMVgyPhejKFy3IkFZsCeIh1SmK2RL2KpWoIs

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 280
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 23:34:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame ACC6 14 KB
11 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ca3k9Wh0yb3X4Gr8Dw-5XYnpW1Tc3rwKGJdg22NZqnnOgkWbj613VV996Hs2euQBJK7yQFaPvfOWDl7wAUhsJXtHp-A4HHyGnZh2vIWcwby8Jt8ganAkErG9mwvpVwPWorjEQTc96YlGVDLSeVe5njnHhFOg&cry=1&dbm_d=AKAmf-A5awTU3g0zmEIFWnta7Z-a9Tgh6jnRa3TQPHxlb04brIHdTY_nma6DabeXbpeWXmrKgYh4qv4TSWDTrFTAzXVkTKgnvRZkEmEfPeR3RaMkfGJJu7REt-gu77_DqrJ_esDR5AX3VidDzny3B52vqRqp8mzAMmkJK6JlKmZNMdfRbxfwVjBMy5SMhKj2mhv1bVZQtaSKXoGSvDBJY56_xR9kCKJtXn0OymYU0CEz83bsoqAkB0R1OdbCrxbx_6OhvFNRNVl_gUwXZPhtSnAKpRnX9fUtp3tVBHxfQXAMBFvSnQTnCcVx0k4RCA4ta9UusqBBM0CfWp2L1z9IyVW60_NKI-6jz3GZKHNs7ACx5RyH8Dh7nU6awmhFjUgpL-IaIeBRwqs8o3DGaMFD_H8llFCYFPjHWKM_3nR7rZDZ3Y7dYMOGjKss0jH1euSm200aP40qm8ij0OKxIMIs3fmgMd1fPJ5uEizIKbpjh79pi7D-SGHccbbQwL-fCn3aMVdJLiqgma0nkwEpHZEy43qIJEGUHV6h-XOJZC2Ttq1LSWHY6-1bHJ3Ico1EAZjPa2siOxqfhQ25sj8u_4A8aLiVb5PMsjpKx9f8DcH55jWxAECVTNBk5D9tqc0Zy913zbsheumc6MPqE9e2j6ldvDNHBgVatZ6jnb8yFdS7Q2s1_Ro2huzBwM9MuR5CGwlVHaEqvqilzAxT67wD5v8Z8a5W0LkRxk_5-hcXxvREbrc9E0sr8g6aJQoyZJpgsBE2XSB-RDLBOd90sy6TzqqQVZrzoi-j4IY6BpivZ70CwwL8xSA2Mperz1f37f6N2tnI0K154mWy_nEtQzdIa65mognB31oWPXkjAsemfb5jQWLdUXhvJBrpPmQDVOgOvjPzlwhcJcqD35LegIFSsW3FLNbmIoB6vWLhzFkTA4MIlo0EXATjwcAzDccgrC7_RA1vPFP_gUfpcgLFqwkA6aOU5bRPypGWCCeyUucwTTfzV--qTe74TMC_IXsDMrOPPCv-m5mboIkknFCt9IZjvKI6E0dkISV7KBAyKzyhddJdPyO96j4gbUusKYHsx_lQ6iRg9k3duFPVZBW8aJDW1_-8zRPota-sa1YnXq6IOECfwotMkMOC7BIrdo3s5-zbdIj_5grleVcIiNMORRdvwtIj5PQsLxvx-JrbTsbwtQR61B9ryzWbWeoyBEh3fdGYiZM8n2wa46D44_dQIVs0HjiSI9UGRYRPshWdE8DQVVV5QAAwLw4gblNhUYkg-BXJNtuSBgLtDHNqgebvTSihf6W0uDYhSt-qRCtO5ZFiCjNo_E_4yd5GGlV48yzDdoDtqAgWGzGUVB2d65ZL1lzAHooFay68yWJSRF0CLH8hYRYGypZqJPGZWachQLUUswtzBlzx5DpwYrFdhBXqVHzH_2FR54qj08eW_ZYubuZ4XJ8IGvhsEcL6DuKSLp_kVWwd420HIsFGcRzxlY8-KJ2BPGcgpjyXMxvq65ARLNPQW4wyQ3e8TcEi042yQtNsT3LeykS45vE5jJjz3h8VSWDs5Geh_Q1kp6DQbhoYA16au-0Ebz2_i9-W6qxfwjP3IQcy9h7dcY-rg5mGhVU1GNrEDCCNzBkwRrEYEmzlwjAI0dWwgsQQQvXeoESde7cicA1WQ6NRTqf34gw9RkRF43YeP7ED8Fg4reWcJkXN71R8wvy6kh0ZB47ET2L1mEJFv8irB6lPEjtnQ8jACf33Pnk9FG2L-6Mz3Bm0wu3p3R_OWh_vmqGAFACv63N3NzBkszIZIJB2dZ4Ghsg1I2HJigBGN4siCVFwQ63X0_Ose7SQ7fEv0BycCHVmzPfxQQJRT61stdvvGwvtb44GaKRtOSKk7LZP7iFi8Q0UtQ5Bwe-HPMuaF8oZPJNpPoSj05I_kyX7hDfHVupKsXUp-EigeMzlyGLnC7ZqZVbhwvHeYS61lmJxAST-_OiKFHmq_Jt3qq6mamufsV4WaJa0C6z_9boKtkdYcBq7Ru6FV8QflHqqAi06wN2VaI_AKaKGZnE1u_uJ6MssiI3gc7wLiaQYZsvAbQqy-_GZXS3FJcA4kxRU_aIEfyxou_JlRcxV2TfYT9aB18NZPVq0FszErbZPoS1JvM9jOwib6x3UENqnC4sZ-u-0LFPDRyQVPcY-b169OrvpBTWF9l8jF0C7-3D61IGvv9cXkQ_56rLV31VuIyhp4TP2TdLOvU3uZu_qxos8NFsJmAczYK_KZ5G1_RsD2cTyu2rY7mNWafxf_bakI3Yq67gXafy9-IINpFEjPbdwHl5d0t7rP_msJuj21vS5hAJ3QdzpNbtAa_qi935uiQCM6i8Adw2VS_OdV4GnFtH4DoeQp58VN3IW7b__1gP-NYvLLiAh0CWgDQN4v5X47rUkBi-fwcdlDCUbrxWc6-pNiE7WpppC2iNduM-yYqZ6PzZfIIUPuOop61qrjX9hqqxWMM8BAlMXRP_op8rRNFhFm9Sni_SSjF7cGz1JnPZhIBH2tnnFzbsy5AFGH3aZ44eMW_SAyTopK1yJG3Y46pAXmMVKEFqPcNwmtzmuUadTdNmoaa1-aD0RNVCAR_vD_5BNstqRLMQmbmv_b-EHV1-8SW45DKGtQJBFNfSx5oqEqor4ujf8b5NVWRRpK9tG-F3Wr9QCc1wvSNTohYwj5Hc75EHuJXfT9fVZegZCeexpq9mH5B7TD3b6FISuVaN7AnJ6KBX71cSFt_d4pfIaPfU&cid=CAASJeRooaBtpog3vkAK6lF5HiXOwmmvXMDq8EWehGcHf7i290LUa74&rfl=1%2Chttps%253A%252F%252Fwww.wheresgeorge.com%252F%240

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

812037a0c79deb55065e9488af1295c2df3471d0ea77466047b0b1f1cab610ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10778
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame ACC6 42 B
63 B 50ms
49ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtTCNPAfrNiEt729CAb-vfw7uJNgvXGiWnfHC00wGdWyP6BivxZmG5XX_kfNI00066ozOARtsTsWH740r5_lFxhHm6J8F6412ofX9oQq8O_QucE-o

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame ACC6 2 KB
1 KB 21ms
20ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=25719834&cmp=27916106&plc=337305812&sid=5829972&dvregion=0&unit=728x90
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 23:34:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:37 GMT
Server: Microsoft-IIS/10.0
ETag: "fcf82911d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame ACC6 3 KB
1 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/window_focus_fy2021.js

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:51:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 22:51:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ACC6 137 KB
42 KB 29ms
28ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Jul 2022 23:34:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/ Frame ACC6 17 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220630/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 22:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 22:37:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ACC6 0
0 27ms
26ms Image
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCuaoNxq5Y3ocaYh6ocwKdh2FbstRY1V4oVZzoWlhevHD7XwLrxzQ6lCBuAPyvAfat1aSwGXrJgQwknZBVowEMTM7frA
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame ACC6 68 B
345 B 26ms
25ms Image
image/png 3.120.67.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_TWJaVFFTNDk2RUI0U2QyN0lMVTRyYkhYbko4LzIxNTQ3NjU3NjE6NzI4eDkw&v=5&s=v31g7dg7gki&id=eyJkZnAiOnsiYWQiOjQ0MDI0NTQwNjUsImMiOm51bGwsImwiOjAsIm8iOjIxNTQ3NjU3NjEsIkEiOiIvMTcwNzM3MDc2L2Rpc3BsYXkvV2hlcmVzR2VvcmdlL3doZXJlc2dlb3JnZS5jb20iLCJ5IjozOTEwODAsImNvIjowLCJzIjoibGVhZGVyYm9hcmRfMSJ9fQ%3D%3D&sb=undefined&cb=876244&h=www.wheresgeorge.com&d=eyJ3aCI6IlRXSmFWRkZUTkRrMlJVSTBVMlF5TjBsTVZUUnlZa2hZYmtvNEx6SXhOVFEzTmpVM05qRTZOekk0ZURrdyIsIndkIjp7Im8iOjIxNTQ3NjU3NjEsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.67.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-67-34.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:25 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 43F2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDjVW6wlUjc_KgvZqo5GS3w&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDjVW6wlUjc_KgvZqo5GS3w&google_cver=1&__user_check__=1&sync_id=567c58a7-fe4d-11ec-80f9-1342c0320106

43 B
548 B

30ms
29ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEDjVW6wlUjc_KgvZqo5GS3w&google_cver=1&__user_check__=1&sync_id=567c58a7-fe4d-11ec-80f9-1342c0320106
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNUizk8maXQx3y-D9WzvmeUJprX1AdaxAALcZ9BbuFXFvnt_NCz9TSysWzE4LKJnt5Snyx20u24ZqYE4IT2WEJOKpjQoPagbUPVx9X5eWMZ5PlyaHcAF8IA0i7NlXE2Jeb1I3QBjVx8jVHdRMVgyPhejKFy3IkFZsCeIh1SmK2RL2KpWoIs
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 23:34:25 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 28
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 07 Jul 2022 23:34:25 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEDjVW6wlUjc_KgvZqo5GS3w&google_cver=1&__user_check__=1&sync_id=567c58a7-fe4d-11ec-80f9-1342c0320106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 90
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 43F2
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTY3YzczYjMtZmU0ZC0xMWVjLTlhY2MtMWU4NzVmMDUwMjA2

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTY3YzczYjMtZmU0ZC0xMWVjLTlhY2MtMWU4NzVmMDUwMjA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJyt57MDEIqh4rQDGPTCwssBMAE&v=APEucNUizk8maXQx3y-D9WzvmeUJprX1AdaxAALcZ9BbuFXFvnt_NCz9TSysWzE4LKJnt5Snyx20u24ZqYE4IT2WEJOKpjQoPagbUPVx9X5eWMZ5PlyaHcAF8IA0i7NlXE2Jeb1I3QBjVx8jVHdRMVgyPhejKFy3IkFZsCeIh1SmK2RL2KpWoIs

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 07 Jul 2022 23:34:25 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NTY3YzczYjMtZmU0ZC0xMWVjLTlhY2MtMWU4NzVmMDUwMjA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 104
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 43F2
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1uYlBfQk1CRTJ1R2RJY3BSM1lEMnFabGFqSjZMZC52T35B

170 B
188 B

32ms
31ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1uYlBfQk1CRTJ1R2RJY3BSM1lEMnFabGFqSjZMZC52T35B

Requested by

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1uYlBfQk1CRTJ1R2RJY3BSM1lEMnFabGFqSjZMZC52T35B
date: Thu, 07 Jul 2022 23:34:25 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame ACC6 41 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:12:47 GMT

GET
H/1.1 200
OK dvbs_src_internal107.js Show response
cdn.doubleverify.com/ Frame ACC6 55 KB
18 KB 24ms
24ms Script
application/javascript 2a02:26f0:3500:58b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:58b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Thu, 07 Jul 2022 23:34:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:50 GMT
Server: Microsoft-IIS/10.0
ETag: "0f7cd18d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18120

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 56EE 22 KB
8 KB 19ms
18ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 58898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:12:47 GMT
expires: Fri, 07 Jul 2023 07:12:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame ACC6 1 KB
900 B 26ms
25ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_510375299392&jsTagObjCallback=__tagObject_callback_510375299392&num=6&ctx=25719834&cmp=27916106&plc=337305812&sid=5829972&advid=&adsrv=&unit=728x90&isdvvid=&uid=510375299392&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=2.00&dvpx_strhd=2.00&brid=3&brver=103&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH96C6D86%40C86%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH96C6D86%40C86%5D4%40%3ETar9EEADTbpTauTau5aa3%6037c3a%60f7d_257b62cb_f5_h5fh%60%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.40&callbackName=__verify_callback_510375299392
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 2f438f92dec5a704e8bbea10d834cf887532e5ff54c6e3b026ff7b1ebce826b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:25 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Connection: keep-alive
Expires: 07/06/2022 23:34:25

GET
H3 200 yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 56EE 36 KB
14 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 12:40:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39261
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13895
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Jul 2023 12:40:04 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame ACC6 0
319 B 22ms
22ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=5d93d306682c449db66f9da5cc78556b&vfdur=27&cbust=1657236865804244
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 07 Jul 2022 23:34:25 GMT
Vary: Origin
Access-Control-Allow-Origin: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 07/06/2022 23:34:25

POST log
protected-by.clarium.io/ Frame ACC6 0
0

POST
H/1.1 200
OK log Show response
protected-by.clarium.io/ Frame ACC6 0
337 B 69ms
68ms XHR
text/html 3.120.67.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://protected-by.clarium.io/log
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.67.34 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-67-34.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 07 Jul 2022 23:34:25 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Access-Control-Max-Age
Access-Control-Allow-Methods
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 20

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 810A 1 KB
749 B 19ms
18ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 36493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 08 Jul 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ACC6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 008a1fff429c2bef4d6b6ac4d12b6c91e1d46e4cde74c71621896c24d00eafe4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 810A
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMsPLv0FSO7_3X3wblhK1s8&google_cver=1&google_push=ARnp8GDlyOl35qQyizyyqxnzrLZL3g7iQpcrn3iYtSBrD2wygoeY0JR--DlkYCs8Ce0i5h7uq2FYovBqgAtT1hKwiStsW8-_ieM
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk2ODYwODY3NzA3NDQ4MjY2Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMsPLv0FSO7_3X3wblhK1s8&google_cver=1

43 B
398 B

45ms
27ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMsPLv0FSO7_3X3wblhK1s8&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:26 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:26 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMsPLv0FSO7_3X3wblhK1s8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 810A
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGoS-JKeMQ3ICP6daPqg8IY&google_cver=1&google_push=ARnp8GBNDE4K1oUaXsMtxyDUlyLwPqVoMnvUUYFxgMidLkDaovZiXgPHJ8PTqltqmd-McBj97G0HKYw1GLjQXvDcN6ZwO7_6wC-I
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=12C7168D98454C1D8FD2FF7DF76C2F79&google_push=ARnp8GBNDE4K1oUaXsMtxyDUlyLwPqVoMnvUUYFxgMidLkDaovZiXgPHJ8PTqltqmd-McBj97G0HKYw1GLjQXvD...

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=12C7168D98454C1D8FD2FF7DF76C2F79&google_push=ARnp8GBNDE4K1oUaXsMtxyDUlyLwPqVoMnvUUYFxgMidLkDaovZiXgPHJ8PTqltqmd-McBj97G0HKYw1GLjQXvDcN6ZwO7_6wC-I

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 07 Jul 2022 23:34:26 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=12C7168D98454C1D8FD2FF7DF76C2F79&google_push=ARnp8GBNDE4K1oUaXsMtxyDUlyLwPqVoMnvUUYFxgMidLkDaovZiXgPHJ8PTqltqmd-McBj97G0HKYw1GLjQXvDcN6ZwO7_6wC-I
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 06 Jul 2022 23:34:26 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 810A
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEPBs79fup3zFKXMmgWetayo&google_cver=1&google_push=ARnp8GA_yVUMCInroXGVwi1tjNcV3I1riDQ1LS6nTAnFNGQs7_j-9NLyuxVITx3joLJ-sLAfryz...
https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEPBs79fup3zFKXMmgWetayo&google_cver=1&google_push=ARnp8GA_yVUMCInroXGVwi1tjNcV3I1riDQ1LS6nTAnFNGQs7_j-9NLyuxVITx3joLJ-sLAfryz...
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=CW5_7AL2TLSnsCYLsRE6sQ&gdpr=1&gdpr_consent=

170 B
188 B

30ms
29ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=CW5_7AL2TLSnsCYLsRE6sQ&gdpr=1&gdpr_consent=

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=CW5_7AL2TLSnsCYLsRE6sQ&gdpr=1&gdpr_consent=
pragma: no-cache
date: Thu, 07 Jul 2022 23:34:26 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 810A 43 B
65 B 31ms
29ms Image
image/gif 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEAVsM7DsSawsO82co9JoiG0&google_cver=1&google_push=ARnp8GBdIrvdh6HZ6zFIwUV_Z0O6_NyJb6GZyKX7HNP-FvRCCR-a43O6Wd15pqUKAc3PtodDd7mBk8uTm953VtHiQnALoC6g1JBY

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Jul 2022 23:34:25 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 810A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEH-jeZMt9naANx8_gcl4Vgk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH-jeZMt9naANx8_gcl4Vgk&google_hm=YsdtfhVhDKDia9NSK2xVjAAABFgAAAAB&google_nid=index&google_push=ARnp8GAJF9xCQWMfPueSjDhs1WlFAJ0LliVXA...

170 B
188 B

28ms
28ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH-jeZMt9naANx8_gcl4Vgk&google_hm=YsdtfhVhDKDia9NSK2xVjAAABFgAAAAB&google_nid=index&google_push=ARnp8GAJF9xCQWMfPueSjDhs1WlFAJ0LliVXAfo-8AJyAwdq2EOA1IBzOsD4tL1jyRQOSe1Xl7X7CiJd-fZrHau_5rx7ROCQjTS9

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAbKiWYZLrd%2FxmfF8b7MN%2FuFZ7qGAF4Hea9XZecCNBRzbL9nEV%2BFaFJ0X3JXOZBju0MD3%2BihYHSCq1sY6F0vMSozizRlq5f1dJ7fBuABvCdI9N2Sd2ux4T22%2BcMAtyZVy6O%2BOdj%2B5vvNqA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEH-jeZMt9naANx8_gcl4Vgk&google_hm=YsdtfhVhDKDia9NSK2xVjAAABFgAAAAB&google_nid=index&google_push=ARnp8GAJF9xCQWMfPueSjDhs1WlFAJ0LliVXAfo-8AJyAwdq2EOA1IBzOsD4tL1jyRQOSe1Xl7X7CiJd-fZrHau_5rx7ROCQjTS9
cache-control: no-cache
cf-ray: 7274640c98229be0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 810A 0
75 B 32ms
31ms Image
text/plain 185.86.139.102
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEIzeO-Ra2-GN944NL-zB6d4&google_cver=1&google_push=ARnp8GBVR3SfQLL-1vrNeALqudHytKsi92iWzs4ikEaSNZwLjvuzBkix2ARqI7Zmqx6ULkmUIgFG-eIdzg9dwi1JK4o6hdGlhgfy
Requested by: Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:25 GMT
content-length: 0

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 810A 43 B
65 B 29ms
28ms Image
image/gif 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEMaIr_tUZHeWkTDrsXIWHt0&google_cver=1&google_push=ARnp8GAyUkZaU5wMSrFjr7-JgUxot1IVtJlSJJ9eNOw_6zLxY2KvWYg3oXJHWiD5SmWiE5B16ee5nBdH9vxyMUkA60VKtT79F20E

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Jul 2022 23:34:25 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 810A 0
12 B 27ms
26ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYTeMzk-PGpvn1dVfVM_CXLd2Z5aiYttdbh7YzrTbYrAaVqfNkge_md7Dro5Uvuisjw00UHA

Requested by

Host: d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
URL: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 23:34:25 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 56EE 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-VsMgW3HYvmkK-C49u8PqtC7gAUAAAAAOAHgBAI&bg=!3d6l3prNAAaLlKKnq5Q7ACkAdvg8Wm-xJzIMvHzrUZlZzIRiKcLpxUIvvwzqeivg79lt2YHKpqL3iwIAAABPUgAAAAJoAQcKAHo8t_j9lXaLnUGPV5ixVg7FIzRlzp-gWhSYTJplxn3GAkCS-KrkdVW8Vd1-ND8GWE0-xwpHpTXQcA8Q9GNd6-vOru-5brlli1XnZFcZs9bQ91erNg1exBLIL3M1J61zyqk4qIMA8R8IB6HrQ9phNVD71Szs2TTabJMAP5kC6KV0lG8p-Ohff5P45favCBF_nG81V2wAlec97PaWEpENL6kNJaIwFIhniITbhsK9KC54kGOEoJHEHinvO9H_Jffh04ShzYAG4zVTLGU-10N8bAfjHIOWMaM9TcoMoDpzmUtADHdVgmonSEiXivLtMle6IGSaFN2FiOCH38LfJgSAUBYn0r1b1oDCbTlIKT4zxnZ6xYxCJzZXnkCde07w6O77l_q8tETgcTV-Ks3thYDvkoA5oay2sdalAfE-2HIb-S-Mr0VbTk7xnJYyKWPznYTr0gKOpC-oQI4i_Cx8JV3C8mzJPaUnQi4RsC7WzFz7NSMI-gTOMVoYobaUWJ6MJoePVF8I8oeB1V8V31KhcVYa0mbp06CBm0d3VfoB-QfV9YOLeCM5w0kxsonbzzcq9UioPfXlXq1-4UsbyCzfj0klGkJqi2uJNRRUEye8Y7u9Rx7F_bLsR3c9LasnDmU2N6Fqf608fT4nZuqWMsz6ddq5l0eiUs98romsEAJM7oP2xv44AU9p3ItK2EPSQeFayl1PHfhfucMFjLkJVY6WkMrnB3NP-hMqKt4loO5-NktDcmfm80dslhbRLa3Hz5WaU1lS8UdaXCiK-PgCAKgflI3QM4NbNNKZgnORroypqBPGD8EngsMnrQ5qLtYH66sLHHZJvusdn7KZsmst5QHp51Cm8r8LP433M0Q9lV_V8w-oQhaby-kIpPh84wluWmhY9GG0UuvAEjcvwqqcx-XK5X0X17DFEMWNjDemGKYoZokhgzcO7C2pMo_MtM2BIZKjU7c_Oz7wpGfanP9lcwYybq7kxhzTu0DgXEE0Bl0ivlJqTSba-1unqMK5aP509xlvpI2efKtsEWAgwEFGVTzAZ1U8TjO9edO9btBhVP_pnEbZQc2FIi5RZAo8UjrzYQv9_vFe2Iz_iEeMKgKttAt-3hSN9y6JZTx78ZvGYstotOQcTpZgni7MrZBKjVHDIeLueUpl8FZPGLCr-A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ACC6 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-V4cD36XiJLaLLI04jt68B3X3Qotoqlks1rg7TJRTmQMOAFTxRrm6gjjidcRr8o08jMy_uphWJDpxTtSJGCfzrNZcPd6zyOCj8ZbRK17zOX1IZNZgWQgNuHiSvMRUfDkXdDaOiA&sai=AMfl-YTqwf2eokSh0b7fmnuS3mZI46Qw7Kg-MNmGpwgp_QNA_2dED4FesPAZeEzspiZLO_hfFnbpgEmeB6WtbU8YwBD7CCdWShrKEF_L2qj1RhvAd1AAoL6OVexTmG_K&sig=Cg0ArKJSzCMh8xF1cAwlEAE&cid=CAASJeRooaBtpog3vkAK6lF5HiXOwmmvXMDq8EWehGcHf7i290LUa74&id=lidar2&mcvt=1000&p=0,437,90,1165&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1253105972&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657236865579&rpt=346&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 23:34:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: protected-by.clarium.io
URL: https://protected-by.clarium.io/log

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=26

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvL97mf6z4QvTDr7hzokfjAovtybmBDGVIucqeMAk7efAj5o_V6vOMHA1zgdq9iLalWN7O1dxqUclmIkB8NJLuoAuY46XtbLoofYWPTzFuFRw7h8QZqSS2MMFSdG0rAW26yf5_XijM&sai=AMfl-YQlJgTJ2zgoLPYOCm-xgS1X584QgUcnSCiKvVBZrPEzcHha7IDKsJooGgMV-VJZn16xnHCMskumVH17QjweQQodD5UUOUClyvOVA3-nXeBtwWgTRwE1jm3_kX9p8oY&sig=Cg0ArKJSzJ0J1zUdu9DnEAE&cid=CAASJ-RogGsKXvHEsUAjGb1BRIY8MKKyOBs3N-lriwmygELVFDvXzG3TSA&id=lidartos&mcvt=487&p=0,437,90,1165&mtos=487,487,487,487,487&tos=487,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1253105972&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=3&r=b&rst=1657236861593&rpt=809&isd=0&lsd=0&ec=0&met=ce&wmsd=0

Domain: protected-by.clarium.io
URL: https://protected-by.clarium.io/log

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthhzHq2u1aXCzIvoTcnuEmE4O4vORqON3cpe88sPyCvKdJR9mHbTwHEVjKNsACcRhbQ9r1Ee9AWNY0SB7Xkj3hOUIZZdd0nvWFuyLBwiqfH8_miQRYk0EsB0FJxz-xT8gLy1m81g&sai=AMfl-YSTfLZomExXD383Pv5-x50dQgH1h-P-q_KT3cf5gd_cBS8yCRtycFZhiOE5VEgiEuf1l8hF1FnAFZH3opXNpiEhCxqbBmCZ0vZWpslfeZ5hsC4UqmIPNsl7t1sQ&sig=Cg0ArKJSzEVYdzt4F2l8EAE&cid=CAASJeRojrGgGQ-UVQD-2Ug34rai2Tl9SPa0X1SQQhBJJ4b1gRZtL7k&id=lidartos&mcvt=1476&p=0,437,90,1165&mtos=1476,1476,1476,1476,1476&tos=1476,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1253105972&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=b&rst=1657236862917&rpt=334&isd=0&lsd=0&ec=0&met=ce&wmsd=0

Domain: protected-by.clarium.io
URL: https://protected-by.clarium.io/log

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvu4AF-lLfOBZCsBe6jYWCpuO-6uRchTi2spK4uNdrbUrSQ8wZVDwxkeHKwRXLP6EZFc9ekN7DKAtD0IEZ4qRjwDfFb6JfA5ALRv-kfcba00ES34luHoV86ilqisZpn7ChefqKEAQ&sai=AMfl-YTSmerk5stLZOq23pvXmCvZb1_qGsm_63GNIW3uR2aUO8u7Qmf4F_120-QfwU-u_bU34c81y9YG0imk80fGVTYFNtl7cxodyUoqZ3pgdWi4cnkvzr31SsBM_ab1&sig=Cg0ArKJSzO9iISI0SDnaEAE&cid=CAASJeRon_r0qMkc17IorHNKmGlCHz1Ke_3qneJs9cIE_QKdqkFaobU&id=lidartos&mcvt=457&p=0,437,90,1165&mtos=457,457,457,457,457&tos=457,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1253105972&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=3&r=b&rst=1657236864746&rpt=354&isd=0&lsd=0&ec=0&met=ce&wmsd=0

Domain: protected-by.clarium.io
URL: https://protected-by.clarium.io/log

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.wheresgeorge.com/	1970-01-20 13:06:12	Name: mid Value: 294381985
www.wheresgeorge.com/	1970-01-20 13:06:12	Name: backgr Value: 3-med
.wheresgeorge.com/	1970-01-20 21:51:48	Name: _ga Value: GA1.2.526263631.1657236860
.wheresgeorge.com/	1970-01-20 04:22:03	Name: _gid Value: GA1.2.1260488133.1657236860
.wheresgeorge.com/	1970-01-20 04:20:36	Name: _gat Value: 1
www.wheresgeorge.com/	1970-01-20 05:03:48	Name: _pbjs_userid_consent_data Value: 3524755945110770
www.wheresgeorge.com/	1970-01-20 08:39:48	Name: _pubcid Value: 8c777218-b2f0-477d-a240-b53401944d45
.prebid.a-mo.net/	1970-01-20 13:06:12	Name: __amc Value: 2_1657236860_1657236860
.adnxs.com/	1970-01-20 06:30:12	Name: icu Value: ChgInIc_EAoYASABKAEw_dqdlgY4AUABSAEQ_dqdlgYYAA..
.adnxs.com/	1970-01-20 06:30:12	Name: uuid2 Value: 7547985997208593745
.rubiconproject.com/	1970-01-20 13:06:12	Name: khaos Value: L5BO1DTG-6-9F2P
.rubiconproject.com/	1970-01-20 13:06:12	Name: audit Value: 1\|naVuGyos1qoMBiAYsheyKbU1ZxogGjlwOA+xFj1I9sdCW7L1Z9UHRl4j7zJR6i00m1TfJLKk5A7gS77H2AzvuHKY++jymV4/JtkSEIPx73hSUOwFm0bYXQ==
.wheresgeorge.com/	1970-01-20 04:20:36	Name: lotame_domain_check Value: wheresgeorge.com
.openx.net/	1970-01-20 13:06:12	Name: i Value: debe1c5a-b7ca-4631-af2d-602352d662db\|1657236861
.doubleclick.net/	1970-01-20 13:42:12	Name: IDE Value: AHWqTUkeO4lNlXGN79eHW-So4zxOJ0yd2BWJRf-MR_yFfUhirKQUcnlKfHQaIRU_zpU
.casalemedia.com/	1970-01-20 13:06:12	Name: CMID Value: YsdtfhVhDKDia9NSK2xVjAAA
.casalemedia.com/	1970-01-20 06:30:12	Name: CMPS Value: 1112
.casalemedia.com/	1970-01-20 06:30:12	Name: CMPRO Value: 1112
.criteo.com/	1970-01-20 13:42:12	Name: uid Value: 452a373f-b0e0-4196-8aad-185ea241303c
m.exactag.com/	1970-01-20 06:30:12	Name: exactag_new_gk Value: a9f792ecc573436fadbbac21181af823%7c05.09.2022+23%3a34%3a22
m.exactag.com/	1970-01-20 08:39:48	Name: exactag_new_uk Value: 3c1616ff92df465a930b821f86c5d8da%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: d98703480f874413bed3b15b
.demdex.net/	1970-01-20 08:39:48	Name: demdex Value: 17293912268491507752101058755745002387
.skydeutschland.demdex.net/	1970-01-20 08:39:48	Name: skydeutschland Value: 17293912268491507752101058755745002387
.doubleclick.net/	1970-01-20 04:20:40	Name: DSID Value: NO_DATA
.wheresgeorge.com/	1970-01-20 13:42:12	Name: cto_bundle Value: z1t4mV85THhrekNORk5pZUVTJTJCNDVOcnZVQndONkdWeDclMkY1SjV1UHZqT2JwRVphUWJCcjgwSjJqY1EwZHdpVHVtZ0xNMmJZSkFrdmF6aHVHV3V5NThLZWFwY1lrMGwzTGlVdHpFRDZVeVhIM1FZaXE2d0xTQ1NzYngydTBMJTJGNGNEaEZEZ1pSdXUyNXRNakJXN29vanlWdHZKTE04UXE0V3RsdU9Oc0dVdlZHb2ZaR2MlM0Q
www.wheresgeorge.com/	1970-01-20 04:20:40	Name: _lr_retry_request Value: true
www.wheresgeorge.com/	1970-01-20 05:03:48	Name: _lr_env_src_ats Value: false
.wheresgeorge.com/	1970-01-20 13:42:12	Name: __gads Value: ID=947991643eba1d8f:T=1657236861:S=ALNI_MZbH161nJJq9DGnYa704JBQ03ErMA
www.wheresgeorge.com/	1970-01-20 05:47:00	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-07-07T23%3A34%3A22%22%7D
.wheresgeorge.com/	1969-12-31 23:59:59	Name: panoramaId_expiry Value: 1657323262890
.adnxs.com/	1970-01-20 06:30:12	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IldqlCZr!]tdE8i_iqf!oN/@E'zz<Z0Q^S`os[q7b+-:NJ[OHg_1g.Nk$S-aCa+uJvTD._*PlZ[C[-kX-I2TS/
www.wheresgeorge.com/	1970-01-20 13:42:12	Name: cto_bundle Value: LfJwl194VWh3bmx5JTJGNHklMkZoa3JiWnVYaTElMkJiZjVISDVmYjBRclclMkJ5OWV5dCUyQjhUS2JKRkJVb2x1M29haVI5SjlaSG5zQVlEbUdjTGhwS0RhNmg3blVUZm9DTjh1N29ZN1FTbkZJJTJCbjduRkdmcTlzY3o5UHIzd2NPNzBGUjVqUnB0RXFSTzBUNEJTUW9WMFQlMkZTZGhic0owTHlRUSUzRCUzRA
www.wheresgeorge.com/	1970-01-20 13:42:12	Name: cto_bidid Value: H1cat19qbSUyRjY5OWdNc0RwdENCdHFIOVBsOHBubUVEWTZQMmh5QVJxUDJFd0lxY1RqT3YlMkJ3SVg4ejQlMkJjS2dZUE1tTE9QVXA1eWliZSUyQmF0alNuemdST0lXYkVVWW15d0ZXeWZvU1AyU2tDdnRyODZJRGV1TDFCZ3R3WWFUWXcwZkQ2S29L
.ctnsnet.com/	1970-01-20 13:06:12	Name: gid_CAESEG4yM7v6L2OWWstggaag7q8 Value: 1
.ctnsnet.com/	1970-01-20 13:06:12	Name: cid_8b5e0b463c03490dbe12fec6c6e27cc0 Value: 1
.mathtag.com/	1970-01-20 13:46:32	Name: uuid Value: c6bc62c7-6d7f-4000-8712-63c919dbb88a
.mathtag.com/	1970-01-20 05:03:48	Name: mt_mop Value: 4:1657236863
.adform.net/	1970-01-20 05:05:15	Name: C Value: 1
.everesttech.net/	1970-01-20 13:06:12	Name: everest_g_v2 Value: g_surferid~YsdtfwAOoasOhAA2
.adform.net/	1970-01-20 05:47:00	Name: uid Value: 5677788776834192834
.travelaudience.com/	1970-01-20 13:50:51	Name: _tracker Value: %7B%22UUID%22%3A%220A9DFA16-229E-4DEB-B898-836A6CB44667%22%7D
.yahoo.com/	1970-01-20 13:06:34	Name: A3 Value: d=AQABBIFtx2ICEKHk9y-xnuiNccMznonx_WwFEgEBAQG_yGLRYgAAAAAA_eMAAA&S=AQAAAu-BwicTXO9F7w3dOXMB2zU
.1rx.io/	1970-01-20 13:06:12	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5b386a52-ebf5-4d6a-a563-35fbc90b14af-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 13:06:12	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-5b386a52-ebf5-4d6a-a563-35fbc90b14af-003%22%7D
.analytics.yahoo.com/	1970-01-20 13:06:12	Name: IDSYNC Value: 18yl~25vz
.spotxchange.com/	1970-01-20 05:00:56	Name: audience Value: 567c73b3-fe4d-11ec-9acc-1e875f050206
.casalemedia.com/	1970-01-20 06:30:12	Name: CMTS Value: 1216
.simpli.fi/	1970-01-20 13:07:39	Name: suid Value: 12C7168D98454C1D8FD2FF7DF76C2F79
.turn.com/	1970-01-20 08:39:48	Name: uid Value: 3968608677074482666
.tidaltv.com/	1970-01-20 13:06:12	Name: tidal_ttid Value: 096e7fec-02f6-4cb4-a7b0-260bb1113ab1
.tidaltv.com/	1970-01-20 13:06:12	Name: sync-his Value: "H4sIAAAAAAAAADM0NjQ3tDI0sgAA6edmIAkAAAA="

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://www.wheresgeorge.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=26' from origin 'https://www.wheresgeorge.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=26 Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.pubmatic.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
api.rlcdn.com
as-sec.casalemedia.com
bcp.crwdcntrl.net
c1.adform.net
c2shb.ssp.yahoo.com
cdn.doubleverify.com
cdn.id5-sync.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
d22b1bf4b217f50adf3ea4307d09d791.safeframe.googlesyndication.com
didna-d.openx.net
dsum-sec.casalemedia.com
fastlane.rubiconproject.com
gcm.ctnsnet.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.crwdcntrl.net
id.sharedid.org
id5-sync.com
image6.pubmatic.com
image8.pubmatic.com
invstatic101.creativecdn.com
js-sec.indexww.com
m.exactag.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
privateads.rtbhouse.net
prod.uidapi.com
protected-by.clarium.io
r.turn.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
skydeutschland.demdex.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
storage.googleapis.com
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
tags.crwdcntrl.net
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
wheresgeorge.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.wheresgeorge.com
api.rlcdn.com
pagead2.googlesyndication.com
protected-by.clarium.io
104.18.18.126
104.18.19.126
130.211.29.253
141.95.98.67
142.250.185.66
142.250.186.34
142.250.186.66
147.75.85.234
15.197.193.217
151.101.129.194
151.101.130.49
169.50.137.182
178.250.0.157
18.156.195.47
185.29.134.244
185.33.221.90
185.64.189.112
185.86.139.102
185.94.180.125
198.47.127.18
198.47.127.19
2001:678:cb4:bbbb::11
213.19.147.44
23.35.236.201
23.35.236.247
23.35.237.56
2600:9000:214f:2400:8:48e:53c0:93a1
2602:803:c003:200::21
2606:4700:20::681a:8a9
2606:4700:20::ac43:4757
2a00:1450:4001:800::2001
2a00:1450:4001:802::2002
2a00:1450:4001:803::2004
2a00:1450:4001:809::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2006
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2010
2a00:1450:4001:82a::2002
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:3500:58b::4469
2a05:d018:24:b002:9c86:618d:a8aa:eb77
2a05:d018:d29:3602:d584:42d3:abd8:529d
3.120.67.34
3.126.56.137
3.138.210.41
34.102.146.192
34.117.97.210
34.120.133.55
34.120.135.53
34.149.12.213
34.98.64.218
35.186.193.173
35.190.0.66
35.227.252.103
35.80.221.146
37.157.4.40
46.105.202.126
51.89.9.252
52.209.247.136
52.31.146.195
54.154.180.162
65.9.66.97
66.155.71.150
69.173.144.165
85.14.248.71
002893c5d967f858928b6bd83bbbb94b1df640d44b5f96b5438f649d74a583af
008a1fff429c2bef4d6b6ac4d12b6c91e1d46e4cde74c71621896c24d00eafe4
0675f8c5f95aace6fc793cea8f20d35871e47825cdf275c08981a6aa5eaa025e
07e5a182d358978ed8a0e16bed9ab005a27721c77556120af4dd02f0d35a6597
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8b2da42e63cfbe1929809bf08001dbc90fb04da686e8f1895c96c2e3476586
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0bd2a2b65fa258c88704613fbaa9261c2ace4b5d8fdaec5e6790efa4554e13ff
0ff058a1eedbfa983c9457ecb224f1780a75523d0410d164c3ac6855ae75ebd5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
131c05e477bf8353eec219f9f266b5ee87a1b9fbe74937c3950ed1377ff78e8a
1341e417b9eb1f94da0c9e3dc1a880b77195e2e0da037c3adfd99adeb55673a6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
191ad33371b27fc1982dd92307fc8961c2f6d8367cbad961ddb47db9e6ebc170
1c008b3684df8cf75f020bd759aa1f63d80456b77daf1076745be29ecdb9303a
1d3bcadfd8c6c942428d4da05a4f74d77c3ae116691a1b7134edfe6381a2530c
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
20d76b987a91b2e8fd71d72368d259c79ddfb1443b10c415944ca5a5f47bc0e7
222cbd44beda0de2293c5eb373dcbe8ef2a81dd8c67b364224bc3ef2061d3354
22c36e25c3465048bdd6cf355406ba688c423d3ef7b95b60caeb716939fda79c
232e43b5e68fba4ffd775a6d185b66a528c0125b53825339740f04d7d9d5bcd6
235f932738eb99d01f5ebe8793b1b8373794816524102a9cae732baea79ad8e7
255248acea88c804d261a88cc5b24295470fbd9a7859b9311e8c8a84428b13b4
256f9a6884f0fd687db14173b1e1cf16afd2a304c56765c8bb9a29e931522423
27c167a66fe7195d6169a97715a3becf7e3d5892a12b2825f77959d1c21bfaa9
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29c7dc1333487ffb5ff8332547585101be64e8323c334b6542092bf21e4f1fa0
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2b6bdedf30dce0674375bdde60d211a32d50fd18df2402730def2b8f2de7988d
2c88c7412e06903ea591717aa0c95018a0d521d01bf4724031250dc867eb327a
2f438f92dec5a704e8bbea10d834cf887532e5ff54c6e3b026ff7b1ebce826b0
2fe20a335d5520434cd6de7b751149ad6fa58f434f6d50e95e22db62335c5a9b
31e8bd455a46356864b8e3ac5b93bb80e251a56ece6463f486c42c45a267d72e
31fa6af9ec279ad519910e41fbb5501723d92e666ffcedf8fff4d3b3c12c5dae
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3744148146302322231a628ce76f82303067ab5504de9c5dad723f744843bfa0
37ab5c060ae53ccda75b8bd212d874a17650f7954b11c4e31f568990ab40196b
3a039320869dbb5fec283340eb73afcbca4522ba97a738b5eed610d0daad145a
3a1790db3b9c71cef0f5e3a7f678304da0ffb59aca1258556302084616c7b006
3d914886a61937fa4212395b17186b750c932381dbd90bc1bf07cd194cbc29ac
3f554402586b6d6141a35ff7838ecb350f34b95632f489dd26230c748293a24f
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44a6c0cc167c3e583045aca6ba1f9b3bb1f8d00fadcebb3d3d1d14974cc50543
483c2b80d023750b1ae153503cefd114d5a6ced41c6ff8a8860b00bc99b78924
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a5aaf331d518d87b28886674397a0a1e6af458e794c17950f8eebcf28bef136
4b059f655cb3ce0e5922c5e3a89ee354b0f4e2a00100fb6342deff54eb95f50d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d5e2127a365b8af0675e6caf355bcb71392c0e338970df87dcd1205e182c014
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
534045a400bb3041a70ba98abd251695a77815dd9ca72eb93b68844c11533908
5391405988a0a888b723140b13d61c647396d79142f5f5cdfb024da6866f5860
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56461ffccda775adce78f8b68d8ad28e5abddd893b7612ebd16344ccc6d66c95
571cc1e3b9210a3e1da4b1ac7292fc391da3cd6589310619cc597dcd8e22a853
5948c940e4cd9dad9b958313b8ab760bfb85c7a3dad4332c6fb5f9ebb6ce695b
5b4334add6dee04212cda4a51a60a525eb694b2934108b340a91839ba913a6d7
5d677122a9b90a2c222c83a3b5b87c66c62724995371c1e70cc563eb18c6f5eb
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
5fd71fec9149992e104527f93147f22cb2aa94ee8bc3fa740e0137470183e7b3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63204a4366f70331c617799720504e257d997307ac8dbb414c695613aa772e2a
638cfb0d2fd292f4c4a16b104c18ce0e9a6626319a40997e3aaddbb159cce44e
65fdbffb25ba308ac10bef5f501539fc954abd0aa7d524e3d9c03e552eb90d74
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6aec19cb1d1fcca0bea0893c4aa120950d14da9972864d112b1699c92ade9109
6c1d9973ca5c62cf51fbb097b24568a2e8ac42584bcbbb3f3d40db6d5ac7a1bb
6c2e6d4960983f94815d55921e87f40d9e4cb01f16703c7a8652fa4561fd4dbd
6df19aa79226f50b356234994694f481dc10822142b83c244ea1b02e7ec9a0b8
70751679ec1e2f27cd958b14c2b87f5b1b7fd4e7fbbce340bb3ca6f8dfd82d0e
78a36a168e5a010dfe5866561929b7fbfd0224b70954a20217f6e64401aeeea6
78c19f0f48c2039268244bea64d0c0d6b0e99739baf0706c043f4a7fa5b9a49f
7e73d4b74d14162b1d0b2d35585058d806f07513b84aa6cbb2d8e9fa51be9d74
7ede111855afea562c88ebe5563df368faaa1e6a2b9057e3d8aaa2b9ddadaa75
812037a0c79deb55065e9488af1295c2df3471d0ea77466047b0b1f1cab610ba
815ee379589e2686af0a423df3987810358aaa03ea11a46250de270ad307a383
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8731b24cdd3437a8da8618f85194973a5b248ec42a27adaefe618e3257214cf3
89db7a5e9d6bc7ec69055c53c5f85653706049ca08ee1bd50fb1d79235143152
8a4cffc5a49036f24eb4fc41e5a2429d35aaa26301955b865d206643317e9a92
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ac894480d5d3a92f5cd76bc77c3e53195a6deeb40298557154f7704ea59a208
8f42c0d31abbe564d1896e699fa66886884866d5ae5e9d8ea66e086bfb7cb6f7
8fe64f1906ce3be87e4b02b102a32afcfc77fa567469efbdb60f63cd7fcb38ef
90f7e583fbd484f79db863bd15a70eb5f8b111c517cf35b5cc11a261b1de0c0e
913a2c7f8ab991ea1ad9d9fcfc9cc8ea217f80bfcb4613442054bc959b54b431
93914405cabd289b9a1c1d654068c930788bf15d875607ea0e4062a625b8aab2
94a64debb73115b6e4bb5816aad62b1af7c6584b2139d9a2d9480dbf4220561c
9590d182442a6ca08c92ccdf553c2cf084164a597cd68fdca297966ff8c8c291
95e3219c1064e6c9213543d8df1ee2981f1b2124160904e6289e83a45393cfbc
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97aefe4a1c50e7bf4bd5eb810781749a1aa540fe755c4e1e45aa82414c0b5818
9864649e3535044a0314257831ed4d4562f3306d66ec9257ebabb7074dbf0fef
99c15e7fd67144f03060690dc3622989daad64a9c39e825ca30e2beb532b8536
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cc6470204dda1b6135b76c42ed59cefaed8dead87385d110742669f54d4b054
9d44418aef78b2e4586c639a6b4e57b4b9fc93a958bf2dd254b70553d51dd06d
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9f0da298e31dd1a50b19d710bd787a8adce25afcaf4a89ba5fcf819c6662723e
9fe82976b037bfb21b0977871949ca3ecc4602f5b90c2b7c7b322068a2cc5341
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00a3d74bfd9bf4d11b571bc44134fcf0a31b0a98f04170c89c526c080eeffd7
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b0c8f5e1ae97f2d710487ab8ef30aef511de8af94cebd10fc6ff811d1d6759
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a2b35d9f73e68484712519c315b452b1331fcb1c5591505f3b556fbd8a3726e7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5b8de4e2cd40384a91cce39499893003b38be1a9504251dfc8339f2d78b1944
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a8a7f3a4e2585a36bd58dcc79a55c6d1457f42f10ee04e0c74abc36451a08686
a98264f124d01f0027fcae2a3db831896358a5548bed824e071eac9d5c80e6b4
ab612e26357285522cbacea29b729bfdff3b7342c75ee9438ab83a27ce4b297e
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b571fcad8128b028fa991009315020350ef5e296d826df2c6c8b6367a1e8fc27
b63a4e3104cb86cf0e40841e7dff089e9337801cebd1fd800c147b8c046fb104
b925fd0ba0388372309bb41e931b81d430d8331b28f0eaf756af46c8f9d00b6d
bb39bebbd7f4e85e246bad334c010af4b9c79b577055082afe141d2266bcf53b
bcdac686e3dcaff3f7a4a23dab122b929059d6895e532ef610e0bfebbe3d9be9
be5f356bf1118905357acf346dc551a233c54b218956c43811bd0d79b80eb84d
bf638dc485c7779030c4ebfcedb3a85bde91f647712dd852cb0a5f974896cc2a
c22dc3d31dccd54ee6cc46af4d6b0970e7c684bb32c3812b8371b0e271905b2b
c2e915e625be4f06b78cb1b925edff38d601fcaa1759234ad3813579cefc1c58
c651df74bd888f4a06287871974f33dc00a6da4103e937dae5b9905254efb474
c6c0b4e21c6124aad5592c58586d1a7941990662a9d5e896e564eae1ad02d4c9
c6f35733b79b1d6797353f4aa427becf64a36417f0e1ebce4da187e3ea9341d9
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
c84615457f9332569ff8501c382a395ef9fe116a9add5034b4ebc62c9bceeb3d
c8897a51c3ce73549ac19113a25c117e092efff90e1233adfdad32376bc86f67
ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4
cabea06371ff3f26ecf21fcac0c279ae3bd92f787624d3215bc6ba3121c4806c
cac3ee9d7b899032a698e9d14e8169304f636f49b467f1b136275620e36ca95a
cb33b3b2fa42f7695238fb0adc21dfd3d85b93402dc9d6997d645e4b7780245a
cbb03f50a14117181c4c8c8b846de53885db37294c71a8414b2676f894015fb5
ccae9c5906e39a052b547be26a1da7449933b4252c7ae0d7ec4f4e62ce1c819c
cd5f0fc69b30c05ee89fcede367beaed2300cc1e91de5c5629cad29e7fa91be7
ceb3e21b12cee2d7b06c11af67a1367200453771fc881522a6715e9791ff22b2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f
d611b833acb1fbb29c03f25d02ad3e18fbb8ef97cbbc42a99fbcb816319f608d
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d732474ea3dde1a32537b4a34633a2aa81667dc0a7b43ca2ae96b2ad113a0b3b
d7fae18de875f131f9962b002379d31c5b0f33a917be900337718f66877948b6
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da4f3b2e0ca2bdad54c77c30fe4e209f95fc88cc5d67cfb42e66c9d0259ac144
db0310fb3082e3ceec233b5bc61a72cfb06647514f06a22aae6b857d07e91b79
dbf2e4d7a491afaa7aa1d29ae72d71c78b5470f1d610b3eab6f7b9c8d6444404
dc9873bc59ebafd842a188266df556dfaace2a0ca646c556e5ed09923551bade
dce531eee4c5fdc685dbcdb1470072755405690fdfdd930a6e22e463f78d284e
dd41b646250576c87600d36db00f6543440e3a07c73c69d33dfd7f7dafec08cd
ddecbadcc9578d1b7788ae2a67bf3c493f555f1a7928e6c73c965f0ecb9cf955
dedd8e1414987010bb2a298eb85c0cac71493b151e9583c3d11c1f9e14c604c4
e0426dbe67dd4f52df684e50d0e6d33f68f73bd83ba416b7e26b1227a61585d3
e0e17b1b2c8c884ef95858b7cce3c572ebdf32d5da4ca26a366dece88bda76a8
e27baa66e35f5d5adc061e7e1dde7ecc416a7ae08a15b8e0c6f36e7a2557e5a7
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ed2d3ba588437ab0954941c0edd797482ed06264b1ca9e6806ed6daeb07b43
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6deb8763f8da9983dc3f1ab5d4376b37292dbd4b7fbd988713ac334a5904069
e817c7ee85c56f334151a200c5978200e84ebfbaf85eac673f36346c38b34879
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea16ff7bf9ef54f0834c960fca035b7187ec55fc4524c5a70c6afae2f81b0e29
ea26541328e32b6c464911d166b8e8100b2b0992260d6937a0a3ade3b677ab32
ea8dcf94a62e4ac82246b2224d85052c2308c4c8123dd8b2c4c154cebe9b47f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e99024b87d4ef1f530e0383185c7b9c1fa8c902f1cac07e13c0d9892326876
f3cb1db2d0a51e283ae6fc0d9cf5aef88f250ce5166bd994435d8b7d068cde87
f4a5fd4d0f907ec6a3687facc5a90765a945864f373360240907f8e788dcff54
f64f12e5474480f9b66cd6231874622c4e0fbc168d7d9708aae94183f01e6a1b
f8b3ef815cff94112dab4e2b035a97c3db4bdd77b3569ff338921178b084f0e1
f8d71892deb8ef0496585f4d5a5199b23eebcd595b8acf7ddb92009b72e31596
f9e8d20ef12326ef36bf564e60235ee70cf4e754e2834432286acc954884e983
fc095eaf21a025ca7594e25b5797c98e36d14e5565330e8377dc25aee7ceab25
fedf7a96d9f67f560198fa4e96d5f49a5b25c1dd23d406169a0b3b74ea3968b9

www.wheresgeorge.com Open in urlscan Pro 2606:4700:20::ac43:4757 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

315 Requests

85 %HTTPS

29 %IPv6

50 Domains

79 Subdomains

57 IPs

8 Countries

3045 kBTransfer

6788 kBSize

52 Cookies

18 Outgoing links

Page URL History

Redirected requests

315 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 21 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wheresgeorge.com Open in urlscan Pro
2606:4700:20::ac43:4757 Public Scan

Screenshot
Live screenshot

Full Image

315
Requests

85 %
HTTPS

29 %
IPv6

50
Domains

79
Subdomains

57
IPs

8
Countries

3045 kB
Transfer

6788 kB
Size

52
Cookies

315 HTTP transactions
21 data transactions