www.wheresgeorge.com Open in urlscan Pro
2606:4700:20::ac43:4757 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.wheresgeorge.com/
Effective URL:
https://www.wheresgeorge.com/
Submission: On October 20 via api (October 20th 2023, 9:25:16 pm UTC) from US — Scanned from DE

Summary HTTP 233 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 70 IPs in 8 countries across 54 domains to perform 233 HTTP transactions. The main IP is 2606:4700:20::ac43:4757, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wheresgeorge.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 19th 2023. Valid for: a year.

This is the only time www.wheresgeorge.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:635	13335 (CLOUDFLAR...) (CLOUDFLARENET)
45	2606:4700:20:... 2606:4700:20::ac43:4757	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::201b	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
3	104.18.24.18 104.18.24.18	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2400:52e0:1a0... 2400:52e0:1a01::953:1	200325 (BUNNYCDN) (BUNNYCDN)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.155.129.34 18.155.129.34	16509 (AMAZON-02) (AMAZON-02)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:1000:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:2600:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
1 6	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
4	145.40.97.66 145.40.97.66	54825 (PACKET) (PACKET)
1	2a0c:5c87:524... 2a0c:5c87:5241::2	55081 (24SHELLS) (24SHELLS)
3	18.203.132.178 18.203.132.178	16509 (AMAZON-02) (AMAZON-02)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 11	104.18.27.193 104.18.27.193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.48.84.121 52.48.84.121	16509 (AMAZON-02) (AMAZON-02)
4	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
3	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	52.48.164.189 52.48.164.189	16509 (AMAZON-02) (AMAZON-02)
2	2600:1901:0:8... 2600:1901:0:8344::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6812:1691	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a0c:5c87:523... 2a0c:5c87:5239::2	55081 (24SHELLS) (24SHELLS)
2	34.95.69.49 34.95.69.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a01:4f8:262:... 2a01:4f8:262:3e00::2	24940 (HETZNER-AS) (HETZNER-AS)
1	162.19.138.117 162.19.138.117	16276 (OVH) (OVH)
1 3	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2 2	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1 3	185.83.71.234 185.83.71.234	55081 (24SHELLS) (24SHELLS)
3 5	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
6 6	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 2	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
2 2	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2	2a05:d018:d29... 2a05:d018:d29:3602:d271:299f:5c6e:4925	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.111.131.239 34.111.131.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 4	52.214.195.193 52.214.195.193	16509 (AMAZON-02) (AMAZON-02)
1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	52.94.223.167 52.94.223.167	() ()
1 1	85.114.159.118 85.114.159.118	() ()
1	2606:4700:10:... 2606:4700:10::6816:1857	() ()
1 2	77.243.51.122 77.243.51.122	() ()
2 2	51.222.80.231 51.222.80.231	() ()
2 2	18.198.126.47 18.198.126.47	() ()
233	70

1 2606:4700:20::681a:635 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.wheresgeorge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2606:4700:20::ac43:4757 (United States)

ASN13335 (CLOUDFLARENET, US)

www.wheresgeorge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

client.crawlerlogs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a01::953:1 (Los Angeles, United States)

ASN200325 (BUNNYCDN, SI)

didna.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-34.cdg52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1000:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:2600:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.211.116 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c87:5241::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.203.132.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-132-178.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.27.193 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.48.84.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-84-121.eu-west-1.compute.amazonaws.com

hb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.164.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-164-189.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8344:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

lexicon.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)

cadmus.script.ac	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a0c:5c87:5239::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)

ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb2.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
didna-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

78d126189053d3b053cee713f6b0f6e8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a01:4f8:262:3e00::2 (Falkenstein, Germany)

ASN24940 (HETZNER-AS, DE)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States) 1 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.90 (Amsterdam, Netherlands) 2 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.83.71.234 (Cricklewood, United Kingdom) 1 redirects

ASN55081 (24SHELLS, US)

sync.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.157.6.233 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.66 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.151.131 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:d271:299f:5c6e:4925 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

cm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com

idsync.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.214.195.193 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-195-193.eu-west-1.compute.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.94.223.167 (None, )

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1857 (None, )

ASN- ()

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.51.122 (None, ) 1 redirects

ASN- ()

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.222.80.231 (None, ) 2 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.126.47 (None, ) 2 redirects

ASN- ()

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	wheresgeorge.com 1 redirects www.wheresgeorge.com	1 MB
26	googlesyndication.com 78d126189053d3b053cee713f6b0f6e8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157 pagead2.googlesyndication.com — Cisco Umbrella Rank: 108	340 KB
17	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	205 KB
16	pubmatic.com 1 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 581 ads.pubmatic.com — Cisco Umbrella Rank: 588 image6.pubmatic.com — Cisco Umbrella Rank: 967 simage2.pubmatic.com — Cisco Umbrella Rank: 959 image2.pubmatic.com — Cisco Umbrella Rank: 1116 simage4.pubmatic.com — Cisco Umbrella Rank: 1354	28 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 379	310 KB
12	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 5736 c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 2338 ups.analytics.yahoo.com — Cisco Umbrella Rank: 363 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491	12 KB
11	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 570 as-sec.casalemedia.com Failed ssum-sec.casalemedia.com — Cisco Umbrella Rank: 513 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 716	7 KB
7	openx.net 1 redirects rtb.openx.net — Cisco Umbrella Rank: 912 oajs.openx.net — Cisco Umbrella Rank: 1906 google-bidout-d.openx.net — Cisco Umbrella Rank: 1919 didna-d.openx.net — Cisco Umbrella Rank: 68098	1 KB
7	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 261 acdn.adnxs.com — Cisco Umbrella Rank: 663	22 KB
6	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541 dis.criteo.com — Cisco Umbrella Rank: 648	8 KB
6	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 563 eus.rubiconproject.com — Cisco Umbrella Rank: 662 token.rubiconproject.com — Cisco Umbrella Rank: 504	15 KB
5	adform.net 3 redirects cm.adform.net — Cisco Umbrella Rank: 1279 dmp.adform.net — Cisco Umbrella Rank: 3616 c1.adform.net — Cisco Umbrella Rank: 643	3 KB
5	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1156 id5-sync.com — Cisco Umbrella Rank: 470	32 KB
4	audrte.com 3 redirects a.audrte.com — Cisco Umbrella Rank: 2979	3 KB
4	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 913	1 KB
4	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 5991 ghb1.adtelligent.com — Cisco Umbrella Rank: 8308 ghb2.adtelligent.com — Cisco Umbrella Rank: 10231 sync.adtelligent.com — Cisco Umbrella Rank: 3512	4 KB
4	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1090	571 B
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 402	870 B
3	weborama.fr 2 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 22832 idsync.frontend.weborama.fr — Cisco Umbrella Rank: 27465	896 B
3	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 328 aax-eu.amazon-adsystem.com	2 KB
3	adtarget.com.tr 1 redirects s.console.adtarget.com.tr — Cisco Umbrella Rank: 12726 sync.console.adtarget.com.tr — Cisco Umbrella Rank: 13369	2 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
3	minutemedia-prebid.com hb.minutemedia-prebid.com — Cisco Umbrella Rank: 4304	1 KB
3	gumgum.com g2.gumgum.com — Cisco Umbrella Rank: 1583	2 KB
3	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1319 lexicon.33across.com — Cisco Umbrella Rank: 1726	5 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1164 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073 sync.crwdcntrl.net — Cisco Umbrella Rank: 1011	12 KB
3	creativecdn.com 2 redirects invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587 creativecdn.com — Cisco Umbrella Rank: 646	2 KB
3	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 753 cdn.indexww.com — Cisco Umbrella Rank: 1795	15 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	21 KB
3	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 439 fonts.googleapis.com — Cisco Umbrella Rank: 49	17 KB
2	exelator.com 2 redirects loada.exelator.com	2 KB
2	onaudience.com 2 redirects pixel.onaudience.com	925 B
2	semasio.net 1 redirects uipglob.semasio.net	1 KB
2	quantserve.com 2 redirects cms.quantserve.com — Cisco Umbrella Rank: 929	994 B
2	gstatic.com fonts.gstatic.com	67 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1374	104 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1696	26 KB
1	zeotap.com mwzeom.zeotap.com	439 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	524 B
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 952	610 B
1	ctnsnet.com 1 redirects cm.ctnsnet.com — Cisco Umbrella Rank: 5170	442 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1024	425 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1145	280 B
1	script.ac cadmus.script.ac — Cisco Umbrella Rank: 2049	47 KB
1	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 6069	494 B
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931	3 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	1 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2118	8 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 728	13 KB
1	b-cdn.net didna.b-cdn.net — Cisco Umbrella Rank: 51776	1 KB
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1168	364 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	82 KB
1	crawlerlogs.com client.crawlerlogs.com	1 KB
0	agkn.com Failed fid.agkn.com Failed
233	54

	Domain	Requested by
46	www.wheresgeorge.com	1 redirects www.wheresgeorge.com
18	tpc.googlesyndication.com	www.wheresgeorge.com securepubads.g.doubleclick.net cdn.ampproject.org tpc.googlesyndication.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
9	securepubads.g.doubleclick.net	www.wheresgeorge.com securepubads.g.doubleclick.net
7	pagead2.googlesyndication.com	www.wheresgeorge.com securepubads.g.doubleclick.net tpc.googlesyndication.com
7	c2shb.ssp.yahoo.com	www.wheresgeorge.com
6	cm.g.doubleclick.net	6 redirects
6	ib.adnxs.com	1 redirects www.wheresgeorge.com acdn.adnxs.com
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	a.audrte.com	3 redirects ads.pubmatic.com
4	simage2.pubmatic.com	ads.pubmatic.com
4	gum.criteo.com	1 redirects static.criteo.net www.wheresgeorge.com
4	id5-sync.com	cdn.id5-sync.com www.wheresgeorge.com
4	onetag-sys.com	www.wheresgeorge.com
4	prebid.a-mo.net	www.wheresgeorge.com
4	match.adsrvr.org	js-sec.indexww.com ssum-sec.casalemedia.com ads.pubmatic.com
3	c1.adform.net	2 redirects ads.pubmatic.com
3	image2.pubmatic.com	ads.pubmatic.com
3	image6.pubmatic.com	1 redirects ads.pubmatic.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	rtb.openx.net	www.wheresgeorge.com
3	hb.minutemedia-prebid.com	www.wheresgeorge.com
3	htlb.casalemedia.com	www.wheresgeorge.com
3	hbopenbid.pubmatic.com	www.wheresgeorge.com
3	g2.gumgum.com	www.wheresgeorge.com
3	fastlane.rubiconproject.com	www.wheresgeorge.com
2	loada.exelator.com	2 redirects
2	pixel.onaudience.com	2 redirects
2	uipglob.semasio.net	1 redirects
2	cr.frontend.weborama.fr	2 redirects
2	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
2	cms.quantserve.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	sync.console.adtarget.com.tr	1 redirects s.console.adtarget.com.tr
2	creativecdn.com	2 redirects
2	ads.pubmatic.com	www.wheresgeorge.com ads.pubmatic.com
2	eus.rubiconproject.com	www.wheresgeorge.com eus.rubiconproject.com
2	googleads.g.doubleclick.net	www.wheresgeorge.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	i.clean.gg	cadmus.script.ac
2	lexicon.33across.com	cdn-ima.33across.com www.wheresgeorge.com
2	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
2	oajs.openx.net	1 redirects www.wheresgeorge.com
2	script.4dex.io	www.wheresgeorge.com script.4dex.io
2	js-sec.indexww.com	storage.googleapis.com www.wheresgeorge.com
2	www.google-analytics.com	www.wheresgeorge.com www.google-analytics.com
1	mwzeom.zeotap.com
1	dsp.adfarm1.adition.com	1 redirects
1	aax-eu.amazon-adsystem.com	ads.pubmatic.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	dmp.adform.net	1 redirects
1	idsync.frontend.weborama.fr	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	dis.criteo.com	1 redirects
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	cm.ctnsnet.com	1 redirects
1	ad.turn.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	sync.adtelligent.com	s.console.adtarget.com.tr
1	cm.adform.net	s.console.adtarget.com.tr
1	lb.eu-1-id5-sync.com	www.wheresgeorge.com
1	s.console.adtarget.com.tr	www.wheresgeorge.com
1	acdn.adnxs.com	www.wheresgeorge.com
1	didna-d.openx.net	www.wheresgeorge.com
1	78d126189053d3b053cee713f6b0f6e8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	mug.criteo.com	www.wheresgeorge.com
1	ghb2.adtelligent.com	www.wheresgeorge.com
1	ghb1.adtelligent.com	www.wheresgeorge.com
1	cadmus.script.ac	script.4dex.io
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	esp.rtbhouse.com	invstatic101.creativecdn.com
1	ghb.adtelligent.com	www.wheresgeorge.com
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	didna.b-cdn.net	www.wheresgeorge.com
1	api.rlcdn.com	js-sec.indexww.com www.wheresgeorge.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	client.crawlerlogs.com	www.wheresgeorge.com
1	storage.googleapis.com	www.wheresgeorge.com
0	fid.agkn.com Failed	www.wheresgeorge.com
0	as-sec.casalemedia.com Failed	js-sec.indexww.com
233	93

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
forums.wheresgeorge.com
www.cafepress.com
wheresgeorgerubberstamps.com
redfearn.co

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-19` - `2024-04-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
crawlerlogs.com E1	`2023-09-15` - `2023-12-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
indexww.com Cloudflare Inc ECC CA-3	`2023-09-05` - `2024-09-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-08-26` - `2023-11-24`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2023-08-15` - `2024-02-08`	6 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-17` - `2024-04-10`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.a-mo.net R3	`2023-10-06` - `2024-01-04`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-09-29` - `2023-12-28`	3 months	crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com Amazon RSA 2048 M01	`2023-07-17` - `2024-08-14`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.minutemedia-prebid.com Amazon ECDSA 256 M01	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-09-10` - `2023-12-09`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
lexicon.33across.com GTS CA 1D4	`2023-10-01` - `2023-12-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
cadmus.script.ac E1	`2023-09-02` - `2023-12-01`	3 months	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-10-02` - `2023-12-31`	3 months	crt.sh
ghb2.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2023-10-02` - `2023-12-31`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2023-09-17` - `2023-12-16`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2023-08-24` - `2024-08-24`	a year	crt.sh
s.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2023-09-20` - `2023-12-19`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
sync.console.adtarget.com.tr ZeroSSL ECC Domain Secure Site CA	`2023-09-19` - `2023-12-18`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-29` - `2024-02-21`	6 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh

This page contains 26 frames:

Primary Page: https://www.wheresgeorge.com/
Frame ID: 8B8A29516BF1EC620B9395AA691C9411
Requests: 133 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.wheresgeorge.com
Frame ID: F23070041FB737FC023738D4EC9D1121
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: B8978AB97E554190538B59691B56000C
Requests: 1 HTTP requests in this frame

Frame: https://78d126189053d3b053cee713f6b0f6e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9E437BA11E2194C8D3D23F1D2DD41F7F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs
Frame ID: 1B1C029B8BB815A375CD4F6213436D0B
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs
Frame ID: F49E93EBE6C1AFC07C3F449849F1AEA1
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032310161805000/amp4ads-v0.mjs
Frame ID: D72C64487FB9E237D82CDCF9A1081F66
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AFB6EA3D6FF69010947BA28CCE282F0B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7E2AE6B4B2DE25C330683350C16FB9B3
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 81A72EE89A5E6B82402B71A7F95C6CC7
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: 4F367FE6AD61C061BBC68FAB7349BC21
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1697837108435
Frame ID: 615E2C713FB8D16C41FC117A293B5FC7
Requests: 1 HTTP requests in this frame

Frame: https://didna-d.openx.net/w/1.0/pd
Frame ID: 65D435D9A625D98DED96C5D4F92FC66F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 52D3DE2A36E703AC9412B0232B763D14
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Frame ID: BBC51EBF522C9277DAA364B6CEFFE31D
Requests: 18 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 90A5E7E1BD1CBE7DD828218E9A92A0C1
Requests: 3 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: A03706E1B6740B5CDE5409A5C71F06E2
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 633C9077B9F18A1DD05DD8932C49B2C9
Requests: 10 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=y020afC2XQcJeXtEBtGp&pi=admatic&tc=1
Frame ID: B8669F4011B287E4C0551D6A72D00CB4
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D749789%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Frame ID: 120291FFB1A1AAB8E6B1F1E4BE798AE3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 6D3DDD8E9E7061E39E24FD1644C55886
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&gdpr=0&gdpr_consent=
Frame ID: 014AE1A164F9BB850ECFF7646DAAFC6D
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&redir=true&gdpr=0&gdpr_consent=
Frame ID: FE4823FF765777781B05F246F995B103
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=h50etteYHrycmh_igsoAvYGQGOecmxi11ZhuB3iY
Frame ID: 8CD99972B6F45BF03CA6A59768B88380
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7391414238986357840&gdpr=0&gdpr_consent=
Frame ID: D8F0F74008BF8C10C83159CF978CFCF6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7292154882865952908&gdpr=0&gdpr_consent=
Frame ID: 25B230BA1E2F5F42AEEEE3A127922AC3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Where's George? - Official Currency Tracking Project -

Page URL History Show full URLs

http://www.wheresgeorge.com/ HTTP 302
https://www.wheresgeorge.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui[.-]([\d.]*\d)[^/]*\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

233
Requests

89 %
HTTPS

41 %
IPv6

54
Domains

93
Subdomains

70
IPs

8
Countries

2383 kB
Transfer

5289 kB
Size

59
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://www.facebook.com/WheresGeorge

Search URL Search Domain Scan URL

URL: http://twitter.com/wheresgeorge

Search URL Search Domain Scan URL

URL: http://forums.wheresgeorge.com/forumdisplay.php?56-WG-4-0-General-Discussion
Title: this forum

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/new-user-q-a-forum.3/
Title: New User/Q&A

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/main-wheres-george-forum.2/
Title: Main WG Discussion Forum

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php
Title: Forums Home Page

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/hit-celebration-user-profiles.4/
Title: Hit Celebration

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/two-dollar-bill-discussion.45/
Title: $2 Bill Discussion

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/western-usa.5/
Title: Western USA

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/midwest-usa.6/
Title: Midwest USA

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/north-east-mid-atlantic-usa.7/
Title: Northeast USA

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/south-eastern-usa.8/
Title: Southeast USA

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?forums/bill-collecting-and-numismatics.9/
Title: Numismatic/Bill Collectors

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?categories/off-topic-discussions-wheres-george.10/
Title: Off-Topic Forums

Search URL Search Domain Scan URL

URL: https://forums.wheresgeorge.com/index.php?whats-new/posts
Title: New Posts (all forums)

Search URL Search Domain Scan URL

URL: http://www.cafepress.com/wheresgeorge
Title: Store Home

Search URL Search Domain Scan URL

URL: https://wheresgeorgerubberstamps.com/
Title: WG Stamps

Search URL Search Domain Scan URL

URL: http://redfearn.co/
Title: Royce Redfern

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.wheresgeorge.com/ HTTP 302
https://www.wheresgeorge.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp&cc=1

Request Chain 120

https://gum.criteo.com/sid/json?origin=publishertagids&domain=wheresgeorge.com&sn=ChromeSyncframe&so=0&topUrl=www.wheresgeorge.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=i4wlx3w3YXRRZWRaaXQvSXh2Z1FHbnBscExvTWE3UTd1cFV2TDZJNnN6TVYvZHFOVTdqbm11bFhaYVhDNnI3dWZSZU5PWjZNQ0lNM3R2QU02cU9UemwrQTBESURFbjFnTEN4Rmt6MWxLWUZZeCtoRFYvakdreGtHNks3cy9nZ0ROenJFSTVUUVZWZ05pVm4ydFlUTmd1ZlpySUhLRWJlb2xEQ3dDZUVmRTRsbllDYm9ub0I4TVRpUmE4SE83Zy9US0RtODQxa0szWVB3SkExZkZ1ckMwWkFBR2NRRE84SHJmcVNEMEZFOFVoQ29wVjdiNENyRGFXdyt3bE9nVm03d2Jzd3gxcmZka21Jb28xVjlGQ2RvU2tLYjd0YTNtdnVVUGQ3UEluUk9PWXRkN0x1bz18&cppv=2

Request Chain 162

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 197

https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 202

https://creativecdn.com/cm-notify?pi=admatic HTTP 302
https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=y020afC2XQcJeXtEBtGp&pi=admatic&tc=1

Request Chain 204

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D HTTP 302
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=58c3bc92ecffe7d8

Request Chain 206

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTLwNzIZate0bMA7w1tbtAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPpKyLlMWbCQvvMD6LOJUvc&google_cver=1

Request Chain 207

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTLwNzIZate0bMA7w1tbtAAAFK4AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKYNSkBnOVrLxwX1s-6iJD4&google_cver=1

Request Chain 209

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTLwNzIZate0bMA7w1tbtAAAFK4AAAIB&gpp=&gpp_sid= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTLwNzIZate0bMA7w1tbtAAAFK4AAAIB&gpp=&gpp_sid=&dcc=t

Request Chain 210

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=0j8bPII6GzbJOBpo12gFN9QyHW3JOR0_gDrDvuKp

Request Chain 212

https://ad.turn.com/r/cs?pid=21 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2433439836446551911

Request Chain 213

https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=3bea900137554605ae23a702b7303360&expiration=1700429112

Request Chain 215

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 216

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8veqQkW2TVy_pQnxnkEZPQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 218

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=44866371 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D

Request Chain 219

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aGE0b2dxTlRzMFJUaXU0bEN5Vk9PbjctZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/a?adform_uid=592016935187172050&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
https://a.audrte.com/p

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjJGN0FBNDItNDVCNi00RDVDLUJGQTUtMDlGMTlFNDExOTNE&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAU85OAVc9ySdFq6_pTxKbU&google_cver=1

Request Chain 223

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=592016935187172050

Request Chain 230

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=h50etteYHrycmh_igsoAvYGQGOecmxi11ZhuB3iY

Request Chain 231

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7391414238986357840&gdpr=0&gdpr_consent=

Request Chain 232

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7292154882865952908&gdpr=0&gdpr_consent=

Request Chain 234

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 235

https://pixel.onaudience.com/?partner=214&mapped=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&gdpr=0&gdpr_consent= HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9a473acb1d9c7e4dc132edf8dda3f795&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

233 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.wheresgeorge.com/
Redirect Chain

http://www.wheresgeorge.com/
https://www.wheresgeorge.com/

32 KB
9 KB

531ms
479ms

Document
text/html

2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0154ca2e8440d8b9608765b6c8cdf56a269d0a9b93384a889986b3fc988edf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 819454dc9aaa3651-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 21:25:07 GMT
expect-ct: max-age=86400, enforce
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df8LYGA%2BKQrnVjvuj%2FUYQwbSPtm56tNa0dZEGx%2FXgrCWnFJFu42VxOvblZ1YHbPghrWLWE5hSUtWYAp1MeX4vhzNMxb0JrxACAVrLVm7QhIlpl9ynB451G4C38y%2FdS3A4%2FpmZCroWDTsPSKNf5W%2Fllao"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 819454d7dab039d6-FRA
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Oct 2023 21:25:06 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fd6x9vDp0mAxhiatoa8ZNYZHQ0DN3QlXR0lMD2H8UaSZR6V4EwvGJO7SURdP%2F91w09O728YvhPDHx4jJyXzMcC7gT7za10GnOuVnYvhmfI1GLbTZpXvjWMr9HgTEzLt5HELDFt9XDqPsd8wCXTO0CMAu"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
expect-ct: max-age=86400, enforce
location: https://www.wheresgeorge.com
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 wpJ7OnaoHqqN-SSFOvcy2VKlnmo.js Show response
www.wheresgeorge.com/cdn-cgi/apps/head/ 5 KB
2 KB 487ms
484ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheresgeorge.com/cdn-cgi/apps/head/wpJ7OnaoHqqN-SSFOvcy2VKlnmo.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d44418aef78b2e4586c639a6b4e57b4b9fc93a958bf2dd254b70553d51dd06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
x-amz-version-id: unIJ3FFnfsyXqpBFcH8o6ddwQmEUXCMN
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZJQ1HTE2RHEC01YW
content-encoding: br
x-amz-id-2: Fj8v3gRjG33nCYky4ldojF6UemGg1Zt++t6ArFbknsxShNtQT76BgwZFSBGtScLOLziGQwj4I7Q=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 20 May 2018 13:52:05 GMT
server: cloudflare
etag: W/"936e534205b414d393664355db3c16d7"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lr6%2BZ849460JR9gFi2faa13ETIrJr83SBcHx7CEyXceH08lH4FtjLTk953CBIZhVR%2BgEBY0u5TONRcdPMckvD2MUzLXrrCTEBsZh32w%2FFCIrBE86J5Rg%2BDonTGhgXJjmEDzQGfxaQyTaMJM0Nutuq14G"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 819454dfae553651-FRA

GET
H2 200 wg.css
www.wheresgeorge.com/skins/wg-green/ 17 KB
4 KB 151ms
148ms Stylesheet
text/css 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheresgeorge.com/skins/wg-green/wg.css

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f0da298e31dd1a50b19d710bd787a8adce25afcaf4a89ba5fcf819c6662723e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Wed, 11 Sep 2019 22:03:03 GMT
server: cloudflare
etag: W/"4511-5924e2f6646db-gzip"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBX50JnPSfYI83a3A1ctEekNcloNm5Foqm3yKedYAJE1X5oC29529AjNjapsvEJwwSQHcH%2FKxXcLdU8G6owq0nPLish78GwIWEaAjsq8VSwNlMU6kMA4MTAm90J%2BgxyTQnuY%2B2y92quMIeDKAwIzxyaZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cf-ray: 819454dfae583651-FRA

GET
H2 200 jquery-ui-1.9.2.custom.min.css
www.wheresgeorge.com/includes/jquery-ui-192/south-street/ 26 KB
6 KB 551ms
548ms Stylesheet
text/css 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheresgeorge.com/includes/jquery-ui-192/south-street/jquery-ui-1.9.2.custom.min.css

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5948c940e4cd9dad9b958313b8ab760bfb85c7a3dad4332c6fb5f9ebb6ce695b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Oct 2013 20:01:37 GMT
server: cloudflare
etag: W/"6934-4e9e6af248a40-gzip"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DC27IhJAez%2FA%2BBQyDaI7utTQHr4vmje0%2BaJlgoQf1n66xDFZ8SkzfmZ4yaGvGhHeHlBOeUlktAhDATosGpEatLsjEOthdhjRrFFOTIAGX9kHU%2BoH5dXiANuqqABI%2BI95DgJR2ZGoRUOccHVUKzWTdinl"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-frame-options: SAMEORIGIN
cf-ray: 819454dfae593651-FRA

GET
H2 200 jquery.min.js Show response
www.wheresgeorge.com/includes/js/ 91 KB
34 KB 588ms
585ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheresgeorge.com/includes/js/jquery.min.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Fri, 23 Aug 2013 16:51:37 GMT
server: cloudflare
etag: W/"16bb3-4e4a038483840-gzip"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZXXLu6pdL9qm95qPeDFZwtYnLZJCQ0GWfOQ%2BPJKCph56wX9i5eoAxhbT4ip4lnnR7iA2ecE4QqGs74Q9%2BOlLoW%2BkiYbjiJDwDOiyKa84pIE4dul6WNouLOdqq4wnBdUviaNO%2BA2GAA6Q7OgVCyFX0ML"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cf-ray: 819454dfae5a3651-FRA

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
www.wheresgeorge.com/includes/js/ 7 KB
4 KB 568ms
566ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheresgeorge.com/includes/js/jquery-migrate-1.2.1.min.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 25 Jul 2013 20:17:40 GMT
server: cloudflare
etag: W/"1c1f-4e25bb7c6c100-gzip"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opHjifPwzjDqye4DH5OmhOlixexByebHUilbUsbdc6bCzo4QDczGmkgdhh6EkNM60vPhypDFzBoLFo1lvQKe%2BvcUJbebXVHgSysj7e5Z87dEoRr2iaZooGSJQUUeevrJAm8vW%2BM0cq2zSvMgWKV0Bp8I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cf-ray: 819454dfae5c3651-FRA

GET
H2 200 jquery-ui-1.9.2.custom.min.js Show response
www.wheresgeorge.com/includes/jquery-ui-192/ 203 KB
56 KB 560ms
558ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheresgeorge.com/includes/jquery-ui-192/jquery-ui-1.9.2.custom.min.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b571fcad8128b028fa991009315020350ef5e296d826df2c6c8b6367a1e8fc27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 29 Oct 2013 20:01:23 GMT
server: cloudflare
etag: W/"32a8f-4e9e6ae4eeac0-gzip"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=08UpCWHqbA8gEj5QKS%2BwxW1jtMcqL446PpQ5gAI86Du3AN7H%2FkvBdYwMq7tXqI7obXVZ0RViKsV2YU8plhfvWbh3wKaHxffyZ57d7rt%2BoGSQTYDcr1%2Fi5ZUzUpuNECIoz9%2FZMeMrBMaskZlDjc1EkG3T"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cf-ray: 819454dfae5d3651-FRA

GET
H2 200 cookie.js Show response
www.wheresgeorge.com/includes/js/ 2 KB
1 KB 570ms
568ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheresgeorge.com/includes/js/cookie.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c008b3684df8cf75f020bd759aa1f63d80456b77daf1076745be29ecdb9303a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 04 Aug 2013 00:21:53 GMT
server: cloudflare
etag: W/"7ec-4e3142dbc2a40-gzip"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtkNJo5GgFokLtmJtfJqPox76G4gJcLNmPMfB4pMd%2BCuamjjWO5nSBTYdo1bjk3julE3MDvRK5nKAzDtd8oTyBYFGdYFZF4WV3Cg8W5%2BnnburJmgManft5s7rb5DruWsYwndJVaTnpTGlR8V79H7wXSG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cf-ray: 819454dfae5f3651-FRA

GET
H2 200 header.js Show response
www.wheresgeorge.com/includes/js/ 4 KB
2 KB 568ms
566ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheresgeorge.com/includes/js/header.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd41b646250576c87600d36db00f6543440e3a07c73c69d33dfd7f7dafec08cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 04 Sep 2018 20:40:14 GMT
server: cloudflare
etag: W/"10b4-57511aa3d5e54-gzip"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qo%2FG%2FSALpXenxswNFWpUP3tnQkARjAmYPNCwhqtSp1OioanhoCq3gq6MxHQZPOL2Mrpb18CVs2UKX%2BhI41PRUbEwV6MRxSJBqFcnxTJ3BjC9lbWhXfDJCFGa00ZkYVrxp6VtJX47C9c0fn%2FlssgdmRCu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cf-ray: 819454dfae613651-FRA

GET
H2 200 odoticker.js Show response
www.wheresgeorge.com/includes/odometer/ 4 KB
2 KB 549ms
547ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheresgeorge.com/includes/odometer/odoticker.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2b35d9f73e68484712519c315b452b1331fcb1c5591505f3b556fbd8a3726e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 04 Aug 2013 00:21:49 GMT
server: cloudflare
etag: W/"feb-4e3142d7f2140-gzip"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgSXgUZuhlwV8Z%2ByYY2y6FK78TiCubELFImEfAIuYFghsFoUjl5Uo34jXBH%2B4SR7M%2FYO6BwJ7Fx%2BsvY80swh%2BvfiOkqiuVcpKEGYrDmrf2gwpfFQ3zb6WP2Z%2Bu0zFo3K02q%2FJxZC%2BhLkxXU1NlD17dwm"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: SAMEORIGIN
cf-ray: 819454dfae623651-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 158ms
90ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ef3fc3fc7558220fbadeff61c4bd79587564c9acb9dda6a63555bffd9b2b1ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29129
x-xss-protection: 0
server: cafe
etag: 225 / 19650 / 31078969 / config-hash: 4808689989001815818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 20 Oct 2023 21:25:07 GMT

GET
H2 200 didna_config.js Show response
storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/ 13 KB
14 KB 222ms
159ms Script
text/javascript 2a00:1450:4001:831::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/didna_config.js
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: f62f1e5fcc9add58fe632f5373f90e53fb4715424c286a6aaea04a3702a47d98

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-guploader-uploadid: ADPycduWl6isLZtMHDfnZhs-jwVzdNT_daL6H_Nynax44cs7Sp-ve8fJBt08RAKdY0b4QloP6JOxrsGQHafqJ3HiKuX8sHO7pfE1
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13602
last-modified: Thu, 29 Jun 2023 16:26:14 GMT
server: UploadServer
etag: "e1ae484d51b399b86d0e762a58239904"
x-goog-generation: 1688055974538951
content-type: text/javascript
x-goog-hash: crc32c=CkbxAA==, md5=4a5ITVGzmbhtDnYqWCOZBA==
cache-control: no-store
x-goog-stored-content-length: 13602
accept-ranges: bytes
expires: Sat, 19 Oct 2024 21:25:08 GMT

GET
H2 200 updown.png
www.wheresgeorge.com/images/ 4 KB
4 KB 194ms
191ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/images/updown.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56461ffccda775adce78f8b68d8ad28e5abddd893b7612ebd16344ccc6d66c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 4254
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 04 Aug 2013 00:21:37 GMT
server: cloudflare
etag: "109e-4e3142cc80640"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sG%2BZklWv7kaIME0ZTKtpg8zcK5ElX6XedSRKKymyhrzmTnMq3OLuvVo4FpEemfBWwbJfyLR3pF6GOiRYh5ZzRikWKI%2B9vmNmNwX8rws3gSTkfQa5CGxlycd7K22MtNR9wKF9gEFA5olxCWoh7zkb%2BQN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e45bb13651-FRA

GET
H2 200 facebook.jpg
www.wheresgeorge.com/images/ 4 KB
4 KB 183ms
181ms Image
image/jpeg 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/images/facebook.jpg

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3cb1db2d0a51e283ae6fc0d9cf5aef88f250ce5166bd994435d8b7d068cde87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 3978
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 04 Aug 2013 00:21:38 GMT
server: cloudflare
etag: "f8a-4e3142cd74880"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbiFlLj%2B74Nvm1lbXhEbyUFXVX%2BoOKZvtA%2Bx8xK2PiD8Haawhy%2Fq2fz%2BV7sO6BLPMnJFK%2FMf32goZAFfZu8pO%2FTfpiQWNNcdyCJV0ZjN5UuMqK1SyWzVp3BKc2KHwhC4glDVQrHLlrRxvO59%2FPqYI4br"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 819454e45bb23651-FRA

GET
H2 200 twitter.jpg
www.wheresgeorge.com/images/ 4 KB
4 KB 203ms
201ms Image
image/jpeg 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/images/twitter.jpg

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fedf7a96d9f67f560198fa4e96d5f49a5b25c1dd23d406169a0b3b74ea3968b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 3927
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 04 Aug 2013 00:21:37 GMT
server: cloudflare
etag: "f57-4e3142cc80640"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdGgTp86nfR8SiSXYsFSMeNJ0FwmpunlHV4CRLGLP%2B1ffLU8uGpyjz8Et7O%2BdMUDBQrtSqN2LrFyAS0zBMV0ZG71qZmqK%2FqmZK%2FXlbOVod1RwarEPePlHOTdWLU13iWYyNhAb64h8WgJeFZ4a3gqQvTg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 819454e45bb43651-FRA

GET
H2 200 pixel.gif
www.wheresgeorge.com/skins/common/ 807 B
1 KB 699ms
697ms Image
image/gif 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/common/pixel.gif

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c22dc3d31dccd54ee6cc46af4d6b0970e7c684bb32c3812b8371b0e271905b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 807
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
server: cloudflare
etag: "327-4e329122dd340"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcBztkl75u4XWUXDj834yi73ZVQ9bIXtE1dbbgFL9xf8pUZqr3J1jy%2BxNg3YKhrnR0sZmcvNvMIhWVaMDtHyXtOg5f3NZIgWcMuX0E3lNV%2FyDw8%2FfM57u41%2BNt3p4bDUcy%2B6l%2BDK%2FOpvZyK9%2BILG%2FLfi"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
accept-ranges: bytes
cf-ray: 819454dfae633651-FRA

GET
H2 200 dropback.jpg
www.wheresgeorge.com/skins/wg-green/ 868 B
1 KB 174ms
171ms Image
image/jpeg 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/wg-green/dropback.jpg

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97aefe4a1c50e7bf4bd5eb810781749a1aa540fe755c4e1e45aa82414c0b5818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 868
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
server: cloudflare
etag: "364-4e329123d1580"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdZfFErhiW9X298OeyZRY95P6x0cnHo9sCQ6lQVc2gleo5uZY6RkhyGMErE94vIVQF%2FCksWofEGiW8lcJcn9PzKe47EDWhsjMJGG9vbnqtLLNYyq%2Bi0bZEMzlgZ48zwGiylir8IhKrCWv1C0Se7yEFeI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 819454e45bb53651-FRA

GET
H2 200 totalbillsentered.png
www.wheresgeorge.com/images/ 622 B
960 B 716ms
715ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/images/totalbillsentered.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b6bdedf30dce0674375bdde60d211a32d50fd18df2402730def2b8f2de7988d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 622
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 04 Aug 2013 00:21:41 GMT
server: cloudflare
etag: "26e-4e3142d050f40"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X5ZOUzquSCb8a%2Bq7jpIUXZMotTOe%2FkqcKbsTfQ7%2BOjAcFx2A1twARGoFYIaNCe1nGP3vpUKxnlten%2FuJekXD7DePouhvhQJ9NB2U%2BSDU16emEo5AlT6vhAIajBMjJF1zm8iHe0bvbp9XTWNQEewst9Pd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454dfce8b3651-FRA

GET
H2 200 totaldollarvalue.png
www.wheresgeorge.com/images/ 620 B
923 B 142ms
142ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/images/totaldollarvalue.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0e17b1b2c8c884ef95858b7cce3c572ebdf32d5da4ca26a366dece88bda76a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 620
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 04 Aug 2013 00:21:41 GMT
server: cloudflare
etag: "26c-4e3142d050f40"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WtxfUfqM05yZJ0ftdBo9ur6GdMSmn%2FdPFBsMiqOUoSu89AXyGFClVRVtD0tioIa8dBbFZMmhei6hFLWdgZ0B2m31y1l9QIPbDKqb%2BtP%2BSpzFY7ZNJSo3mwlifj7BoMqswUmf0oEIN32ec3EeG3nkYGxO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e3fb603651-FRA

GET
H2 200 billsenteredtoday.png
www.wheresgeorge.com/images/ 653 B
1 KB 138ms
138ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/images/billsenteredtoday.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbf2e4d7a491afaa7aa1d29ae72d71c78b5470f1d610b3eab6f7b9c8d6444404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 653
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 04 Aug 2013 00:21:42 GMT
server: cloudflare
etag: "28d-4e3142d145180"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6j3Y3lvYgO7lsU0zdtWx4pNM2EVc2S5Zxka5RNSiGSLQf0HeM6oRI73ZzmaCVX0baJ6SjYDs2TTX5L8HM8icZnaJK5lSN44NPvwT%2B5JhQ%2BPxS0rr%2BNeFSiRUCyDCYEoQnTkwBI2H6zlW6KFgdSPSqQ9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e41b7d3651-FRA

GET
H2 200 hitstoday.png
www.wheresgeorge.com/images/ 453 B
959 B 200ms
198ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/images/hitstoday.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6f35733b79b1d6797353f4aa427becf64a36417f0e1ebce4da187e3ea9341d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 453
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 04 Aug 2013 00:21:40 GMT
server: cloudflare
etag: "1c5-4e3142cf5cd00"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUkJDkne%2FZvIxR4QboBrRWZTNgTGCB8w%2BsxadrxRcK3%2FWzSlAlFzVv7yZZpXpF15SIPsKKKWg7vELt%2FAwcJjpJz4a36S8K3ZXQpvsQJauO9Bxg4d0lOIX19PvdT27dMSYI9a%2Bp6NuvqH9JSpTkmsJeIn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e45bb63651-FRA

GET
H2 200 dollarsign.png
www.wheresgeorge.com/images/ 331 B
688 B 165ms
164ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/images/dollarsign.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

222cbd44beda0de2293c5eb373dcbe8ef2a81dd8c67b364224bc3ef2061d3354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 331
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 04 Aug 2013 00:21:40 GMT
server: cloudflare
etag: "14b-4e3142cf5cd00"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIzxJ4ewKDFdH5Wc5GKClUvhulZche1GwsUm6N1z76%2BvfPU6naSY%2Bpl9FvagMw3vwuq29psdOfbiR1%2FGhWiea5vm4thP%2FNJ1OMKR7FPg1GeOL37B7XWDG1d5NZt%2BFJy%2BYSc2WO5%2BRs2wVk2AZ46AXWqj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e45bb83651-FRA

GET
H2 200 shiftleft.png
www.wheresgeorge.com/images/ 482 B
814 B 172ms
171ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/images/shiftleft.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3ed2d3ba588437ab0954941c0edd797482ed06264b1ca9e6806ed6daeb07b43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 482
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 04 Aug 2013 00:21:38 GMT
server: cloudflare
etag: "1e2-4e3142cd74880"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvhGvhEhHXn5zv1LmUP9L%2F%2B5DgYqtuEEX5ctHK0bNMrIMTWPSO%2FgXYlDST6WUtu7yfg3xRFEE4KfZPpVmmMg2FoXPBaY0R54NsgUO5rGAkQE95G8nt0dDC6GukYfBQTkMxiEjI%2Bp2InMp1BThbHnL0RP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e45bba3651-FRA

GET
H2 200 shiftright.png
www.wheresgeorge.com/images/ 476 B
779 B 194ms
192ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/images/shiftright.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27c167a66fe7195d6169a97715a3becf7e3d5892a12b2825f77959d1c21bfaa9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 476
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 04 Aug 2013 00:21:40 GMT
server: cloudflare
etag: "1dc-4e3142cf5cd00"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4epz%2BKzsewAhFeoyKI4V8octl7ZnrA66is6YTy1ZjrsT3dIDqRAqxRo3giKLiEy7nFyb%2FaaMAa6YwbztrXUopwS6p5zUdhQ69XaqH9Re6M0bjEgm7jQaLDb2yo6JZX1m%2BFpz15nqwwm99jcyEbB87Acf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e45bbb3651-FRA

GET
H2 200 c.js Show response
client.crawlerlogs.com/ 1 KB
1 KB 116ms
30ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client.crawlerlogs.com/c.js?v=latest
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d510a6ba4714eb7e72e731dd0091ad29b6b51adfb6e584373c8a860dd8c5183c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:07 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SJwcXbEc6bnWVZ%2BW6%2B4q%2FtKKrcBH55ePpM5gwCWeSGFr1bQc28iSCadflFVDaqV7B0eqZyke%2BSeRU6Dpnw%2FBxB0DGXiM3Ti9wLg5ImFjzbIEgS7fBzJOb7AKd2BExKPiozlzRcK4xao4FzBh1itCAfRMss%2By"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 819454e4dcf04d6e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 vjR-JvKboGM0k7UaLR-M2ocVDUM.js Show response
www.wheresgeorge.com/cdn-cgi/apps/body/ 3 KB
2 KB 229ms
228ms Script
application/javascript 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheresgeorge.com/cdn-cgi/apps/body/vjR-JvKboGM0k7UaLR-M2ocVDUM.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/cdn-cgi/apps/head/wpJ7OnaoHqqN-SSFOvcy2VKlnmo.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea8dcf94a62e4ac82246b2224d85052c2308c4c8123dd8b2c4c154cebe9b47f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-amz-version-id: CoNkkylYkt0wMB4UqLQPntJ1JMFymTAa
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZJQ74G5NR94TZPX1
content-encoding: br
x-amz-id-2: rM7NC8Ia3n4rrjMb249QaIgswv2uAIltNaDh9G4tSZIivoICMcl6zHWuqShiAwdiIoEGq7kk884=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 20 May 2018 13:52:04 GMT
server: cloudflare
etag: W/"39fbf6c21b8ff6ff3a490e69a4fb757e"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhF%2Fx1QFoa8TQUoZV4ziawCz6VA93jNaH1tMnEBSdy3GLWX4DCzGGaDA2piDxJV4mo%2B%2BVTfME6fFTjogtlAT%2B%2BdD9dYrukDaqGfxnJpkslL8UV%2FOqbSX6lRq%2BTqPCsSdUf46V%2BMaP%2FZksSnP3IXNXFws"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 819454e45bbc3651-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 20 Oct 2023 19:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5614
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 20 Oct 2023 21:51:33 GMT

GET
H2 200 wg-back-3t-dark.jpg
www.wheresgeorge.com/skins/common/ 121 KB
122 KB 981ms
980ms Image
image/jpeg 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/common/wg-back-3t-dark.jpg

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70751679ec1e2f27cd958b14c2b87f5b1b7fd4e7fbbce340bb3ca6f8dfd82d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 124064
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 27 Aug 2016 21:09:37 GMT
server: cloudflare
etag: "1e4a0-53b140c66c640"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=texJ%2BIa0QIYeJm99P7PWv3aduKKg4KVuNLG0%2Fnkw2rIVHz%2FdjDa%2BcqFy5quIunY5B2%2Br%2F2RNQUXatVllpL3C%2FXmwJOzcsy92T6jfqRwcygwcanIGquNmiug4EO02OsXE3fhKOnoaMt4fISUeRhBSZQWm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 819454e47bd23651-FRA

GET
H2 200 rthf_opened.png
www.wheresgeorge.com/skins/common/ 2 KB
3 KB 1916ms
1916ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/common/rthf_opened.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0426dbe67dd4f52df684e50d0e6d33f68f73bd83ba416b7e26b1227a61585d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 2414
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:24 GMT
server: cloudflare
etag: "96e-4e329121e9100"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V93%2BbIl41QFmwqF6sTyqC5yE5uvhV3wcfj0ebYtjJo4AFSbUt%2B1RsR8z%2FXptgzruJfSQveWayr%2BzoP48Y8h2vk5ossypNVdxNu67gtBeFNND5fjVzwmt2crfFto7zPyzNp%2F1Us8TiX2%2Bbt3NNnCNXNqd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e47bd43651-FRA

GET
H2 200 announcements_opened.png
www.wheresgeorge.com/skins/common/ 3 KB
3 KB 694ms
691ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/common/announcements_opened.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29c7dc1333487ffb5ff8332547585101be64e8323c334b6542092bf21e4f1fa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 2948
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
server: cloudflare
etag: "b84-4e329122dd340"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JHOC3eB0aOFCqgKwRRU%2BXpjLwoiS3R3FkoCXt%2Bsqr9fVIhtcBILPRQcUSzzuHIAD29wLqqTg4cnzJZO3FgpJpOHUWxwixW2TvFU9Cx0kK%2B0jHJ2f0cejPPJvE15bDmYDhRk%2FQc878Pw%2BxzP46v%2FX2cf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e47bd53651-FRA

GET
H2 200 page-border.png
www.wheresgeorge.com/skins/wg-green/ 49 KB
49 KB 3035ms
3032ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/wg-green/page-border.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bd2a2b65fa258c88704613fbaa9261c2ace4b5d8fdaec5e6790efa4554e13ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 50190
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
server: cloudflare
etag: "c40e-4e329123d1580"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Avgh9lv8uWU937ULJGdH0UTiasuuP0wwL9t1GwAjXoy40hPrVe4g8%2FuWoCZlWPkTYqQ%2BYPh2HFYU0gwstegKkpqn1w6ZhEQzrk9R%2BqqvBnrezXnbf0CKqOtei02QY6xBpwqa6mRuMhJDWeDAqYPgiKmZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e47bd73651-FRA

GET
H2 200 wheres-george-eyes2.jpg
www.wheresgeorge.com/skins/common/ 40 KB
41 KB 2950ms
2948ms Image
image/jpeg 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/common/wheres-george-eyes2.jpg

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f554402586b6d6141a35ff7838ecb350f34b95632f489dd26230c748293a24f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 41409
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 08 Dec 2016 18:16:10 GMT
server: cloudflare
etag: "a1c1-54329a1c02e80"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRrbHuIvUYOla7XY9vzLV%2BfAtE22FFSZ2uNC5Sdfz9KELa2BsmULL2YoYLq4R1ecfSnXQTCUK0lZItfN0%2Byb3WVPHOJQIZchfETsT%2Ft4fBRTCJVBde1uvOpwT460PcacmBr9oWVaz5W8Ho4g3t4dhSoF"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 819454e47bd93651-FRA

GET
H2 200 wg-header-top-center.png
www.wheresgeorge.com/skins/common/ 18 KB
19 KB 1609ms
1607ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/common/wg-header-top-center.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dce531eee4c5fdc685dbcdb1470072755405690fdfdd930a6e22e463f78d284e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 18744
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
server: cloudflare
etag: "4938-4e329122dd340"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ZG7eQHFLcz9rjlfRDoFXPVKmPl7l9Nqn%2BWvqCTYct2v4NqcH8XxDCr1sKCVXzns%2BvZNHy%2Fb0%2Fz7Kk3%2BVL%2F%2B9NCtTBXZq9%2FK4xMSVnVDxPTA2a2BzXpldEc6%2F17nLqKNMD%2FWJ1JCAICoH6HeX2yfp9kF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e47bda3651-FRA

GET
H2 200 wg-header-top-left.png
www.wheresgeorge.com/skins/common/ 40 KB
40 KB 2739ms
2737ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/common/wg-header-top-left.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78c19f0f48c2039268244bea64d0c0d6b0e99739baf0706c043f4a7fa5b9a49f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 40589
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:24 GMT
server: cloudflare
etag: "9e8d-4e329121e9100"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fHfHHVWVNNHSWpIU3vYETZCT7KobQKi3ckgE%2FxfzwWhzdj1vL6%2FphagmtW2XuUQVwIsHTppliQBUF7dsc3hCsff7cLZSyaQnFlkADOFkh2%2FS7ARkZLCT9tTnO27FgZJ0GCrsW0G6PtSLPShmetfc3GJY"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e47bdb3651-FRA

GET
H2 200 wg-header-bottom-left.png
www.wheresgeorge.com/skins/common/ 21 KB
21 KB 977ms
975ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/common/wg-header-bottom-left.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f64f12e5474480f9b66cd6231874622c4e0fbc168d7d9708aae94183f01e6a1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 21595
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:24 GMT
server: cloudflare
etag: "545b-4e329121e9100"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xlWYFeWnXNpSzcCROWZNXztpK7RMDLINhjGy725Zt%2Bo5v5EJGmpikuUFayziJzIHJ6iDD8WxIMXjfmjgljIhB5KjWBDZOl0%2B5gZqbfbAhMQOjXJ03L0cD3uio9ps2SFtY7LDbS2xWD8bI%2B2ym1O%2F3vGs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e47bdc3651-FRA

GET
H2 200 wg-header-top-right.png
www.wheresgeorge.com/skins/common/ 40 KB
41 KB 843ms
841ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/common/wg-header-top-right.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fe82976b037bfb21b0977871949ca3ecc4602f5b90c2b7c7b322068a2cc5341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 41315
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
server: cloudflare
etag: "a163-4e329122dd340"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9FeZdwSq0auuWDxoZGbqBjQKRYj8KnIpPUV82%2BRtlDN%2Fviq1PI9CMas6proLb3CIrDMLZ1%2BIUd7Gf3Jb559v%2BwKivGPMPu7cgxp%2BQ0vNLljWAEO0eAGP3dH8%2Bo2%2FGGPhAiVYrUt6kPyUAYUZmYKXBGv"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e47bde3651-FRA

GET
H2 200 wg-header-bottom-right.png
www.wheresgeorge.com/skins/common/ 19 KB
20 KB 2894ms
2892ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/common/wg-header-bottom-right.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b8b2da42e63cfbe1929809bf08001dbc90fb04da686e8f1895c96c2e3476586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 19795
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
server: cloudflare
etag: "4d53-4e329122dd340"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LVeMKRni9qSNsfuKm2EQ%2BiBnXn48SROFrStLJ8Ii0DDp%2BKOEZUfTbHc33SR8tgEjz%2FMdbEHgoNpt0xtBqGtyQHwKdZBQB4LtlUdK0VSlp4kHZQLz8tDOquhne9BKaCwSNL%2Fw0kssvgodLO5Hy1tOP7c"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e47bdf3651-FRA

GET
H2 200 glass-logo.png
www.wheresgeorge.com/skins/common/ 4 KB
4 KB 2868ms
2866ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/common/glass-logo.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94a64debb73115b6e4bb5816aad62b1af7c6584b2139d9a2d9480dbf4220561c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 3618
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
server: cloudflare
etag: "e22-4e329122dd340"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxvFyPY%2Fu2t2zYwCVElAe8S5QUgo7QU1trtvo3f%2BShRWbAswxkfDTBZSgQ82w74KQHAjxTU0vfMSGceLgPrf3AxmaOd3UUK2Lk%2FNLyCztjpxzUukPGynkQBulFKAnPoxR0NCqzt3mQBA%2BgPnGSGihFbS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e47be13651-FRA

GET
H2 200 nav-background.jpg
www.wheresgeorge.com/skins/wg-green/ 4 KB
4 KB 2955ms
2953ms Image
image/jpeg 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/wg-green/nav-background.jpg

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e73d4b74d14162b1d0b2d35585058d806f07513b84aa6cbb2d8e9fa51be9d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 3788
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
server: cloudflare
etag: "ecc-4e329123d1580"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsVGC8LdBjM4sgWWBe4D3CanFMn6Dwfro3zo6txObIX%2FclPxrMZYYGdAxqYetfa5Z4skCVwXCGKqN5uj0K8kx5q2S%2BoKnZZs2fc%2F6G5KxSTezz9N3B8Si5IP5PfT%2FhErGfywumbW3Xh9%2FePoVw5tpfPo"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 819454e47be33651-FRA

GET
H2 200 nav-sep.jpg
www.wheresgeorge.com/skins/wg-green/ 722 B
1 KB 2939ms
2938ms Image
image/jpeg 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/wg-green/nav-sep.jpg

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cc6470204dda1b6135b76c42ed59cefaed8dead87385d110742669f54d4b054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 722
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
server: cloudflare
etag: "2d2-4e329123d1580"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhjwDyePg9kKXTeVvYk1oeMu6lrQOdERQ8TdYIqHWD5kBlHbaGVK6kM34P6ZPiyYTXphB36RgBHXslC%2BiQ5N4m9HnLbkej%2FvW2d8keXqx11MnV35yUBHGLSezeB7veomUtNDyQ1hThuv3eVPVrxEWSTa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 819454e47be53651-FRA

GET
H2 200 found-a-bill.png
www.wheresgeorge.com/skins/wg-green/ 69 KB
70 KB 1989ms
1989ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/wg-green/found-a-bill.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da4f3b2e0ca2bdad54c77c30fe4e209f95fc88cc5d67cfb42e66c9d0259ac144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 71147
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
server: cloudflare
etag: "115eb-4e329123d1580"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12%2Fhb%2F6k%2F9n4%2F09gbswMH4DPR2JuB1mi4xD7%2FYYSk00wcnF1PhycPlnAqnpMnW2cQmfwSMTxu6lkpexGA4cCcw2iLrfrn4%2BaP2tpXw4zv7sI1cnmfLSQMo6AfPwDNSkMCNRDrO75vjdsOD2mEetdd3ZE"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e47be73651-FRA

GET
H2 200 enter-track.png
www.wheresgeorge.com/skins/wg-green/ 70 KB
70 KB 2003ms
2002ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/wg-green/enter-track.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cabea06371ff3f26ecf21fcac0c279ae3bd92f787624d3215bc6ba3121c4806c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:09 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 71464
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
server: cloudflare
etag: "11728-4e329123d1580"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lJqiw%2FRliVlluqoKFS0L%2FO2OzDUcDTqiZUxrM5y87UbaxaGKi7nrlqh5FYV3%2BUEMD4JZPd1I4z%2FaWOsoNjfWV0ht%2FAnPI3xVypceUGHCv9bDytFL%2Bx69o%2BDWDvx3vUHyNLjN1PHEOtMf9PmcIB42Xup1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e47be93651-FRA

GET
H2 200 footer-background2.png
www.wheresgeorge.com/skins/common/ 165 KB
166 KB 3039ms
3038ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/common/footer-background2.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8d71892deb8ef0496585f4d5a5199b23eebcd595b8acf7ddb92009b72e31596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 169008
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Thu, 08 Dec 2016 18:17:01 GMT
server: cloudflare
etag: "29430-54329a4ca6140"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wXrG8keSfvWVFhLUx39uDyv1Bth8WbjcYF5RVqbdMKlcCWZl9RqJRqGv6JYNoJxC0uu8d5PkRadRgqm6c%2BnDUBgcOOrZ7ojhvxclb4CuXRCD4c4MNS7sF8GRzKQToRlKXp9QN2UhXyWXvZNjgQOpVRs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e47beb3651-FRA

GET
H2 200 footer-bottom.png
www.wheresgeorge.com/skins/common/ 197 KB
197 KB 3035ms
3035ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/common/footer-bottom.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c1d9973ca5c62cf51fbb097b24568a2e8ac42584bcbbb3f3d40db6d5ac7a1bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 201317
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:24 GMT
server: cloudflare
etag: "31265-4e329121e9100"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toj7OVcwJRDQ5lBMRddg8oaTjeEP3wVFVlR7jMDlQ2J5Z4jjoA8rfGZgxi%2BAnVymICDkjrMW%2BXoNBVnlcuUQCIyksu1j04JUfSlx6qxmMa0xznJMZe0cBzggCl5QguVF9%2FP1vqdul1m%2FB7cdw0W1ncpW"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e47bec3651-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
225 B 29ms
28ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=960483459&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wheresgeorge.com%2F&ul=en-us&de=UTF-8&dt=Where%27s%20George%3F%20-%20Official%20Currency%20Tracking%20Project%20-&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=146154589&gjid=1098202337&cid=1777577065.1697837108&tid=UA-1469661-1&_gid=287522402.1697837108&_r=1&_slc=1&z=976657911

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

269360293d5e52396e56883e8e54ad4baa6921395b5dbe127a2447a77e762742

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hitfeed.php Show response
www.wheresgeorge.com/ 7 KB
3 KB 146ms
146ms XHR
text/html 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheresgeorge.com/hitfeed.php

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/includes/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e89c1636dd6889e6206a7dac6459e194d6bd9f26687a04e33efe137b8e3069a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.wheresgeorge.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HWmY3r4CGlqNassJiHAXpN1vcAqoMHXBi%2F9QXm%2Bjow6n0oigNJtS1H6C8VDukQjTux2zb%2FisLXZFMJ3J%2FMdEPXkRnC%2FY5bJUVxZz%2Bvs9bFhKXHoaP7y5udhcfKarO9Xq3Hxqf21vXg8fCj6M1RCB5OU"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
cf-ray: 819454e51c913651-FRA
x-xss-protection: 1; mode=block

GET
H2 200 top-ad-background.png
www.wheresgeorge.com/skins/wg-green/ 406 B
914 B 2839ms
2839ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/wg-green/top-ad-background.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7fae18de875f131f9962b002379d31c5b0f33a917be900337718f66877948b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 406
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:26 GMT
server: cloudflare
etag: "196-4e329123d1580"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5koTrP6tvQE4wED1q7Wl6ZjdbY8b8mRIOvQbTtTtpmgFWpgZNqggOn9uxlSDD7903idY4cX%2BaFXnjek4mxqiT2VotgZlr6%2B0WxKKpwRhBWeiMyAnnKWlsuOpY9YScM1y7IzHI%2FQRc5FD1gJ450CIR2cR"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e51c933651-FRA

GET
H2 200 close24.png
www.wheresgeorge.com/skins/common/ 50 KB
51 KB 2930ms
2930ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/skins/common/close24.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/skins/wg-green/wg.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8731b24cdd3437a8da8618f85194973a5b248ec42a27adaefe618e3257214cf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/skins/wg-green/wg.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:10 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 51507
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 05 Aug 2013 01:17:25 GMT
server: cloudflare
etag: "c933-4e329122dd340"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTiApPHBlhzC2DaqFiE40VBDH%2Bv%2FN7YeKfXbsurkrJVFp%2B4DN4k3qG6zw1aevmLoAQQ4Y9g4MWFK12MQ89A4nbm6B7eVboB2AMEqBe5RJuLNze63pXT0Px7d%2F%2BzfDzlOnNa8N7Tuh005VglEjqg%2F2hJA"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e51c943651-FRA

GET
H2 200 georgemeter.json Show response
www.wheresgeorge.com/ 58 B
385 B 146ms
145ms XHR
application/json 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wheresgeorge.com/georgemeter.json?_=1697837107812

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/includes/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f062e8d42cf7a06ac8b0a789585764ddf13b2de180984093c76da0c4ecf2fbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://www.wheresgeorge.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: br
referrer-policy: same-origin
cf-cache-status: DYNAMIC
last-modified: Fri, 20 Oct 2023 21:25:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-content-type-options: nosniff
etag: W/"3a-6082c815a2537"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SnJMPw6juAylBYh6wqncak8ZOV%2F6KBn73OnPs9qIYTc8tZfa3o2i7xDAbND5aY%2FWKwW0BjNAdDN3BO1OErNnTz95jMBUvcsiPneQYrYIa0h04p2s5ku5Lv0SpMJvDZVacLRjCA21BROOsnNBgMH4Xi%2Bs"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 819454e51c9a3651-FRA
x-xss-protection: 1; mode=block

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
82 KB 91ms
41ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-S1BK99PKLE&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40ffc37a77edadf7d242a56d3076dc91fa9d746693ba8d96f22c4ed46b4edb00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83529
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 20 Oct 2023 21:25:08 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/ 422 KB
132 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 10:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38876
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135328
x-xss-protection: 0
server: cafe
etag: 16474413789440466402
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 19 Oct 2024 10:37:12 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1016 B
483 B 100ms
56ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wheresgeorge.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daf831ea273c423682a91c2344915bbcc7b953f802d93fdc309c95afe7eba4fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 458
x-xss-protection: 0
expires: Fri, 20 Oct 2023 21:25:08 GMT

GET
H2 200 186905-129106728116453.js Show response
js-sec.indexww.com/ht/p/ 37 KB
13 KB 105ms
48ms Script
text/javascript 104.18.24.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/didna_config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6deb8763f8da9983dc3f1ab5d4376b37292dbd4b7fbd988713ac334a5904069

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 20 Oct 2023 21:06:35 GMT
server: cloudflare
age: 1093
etag: W/"da5042-930b-6082c3f608e65"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 819454e62d9d1c73-FRA
expires: Sat, 21 Oct 2023 01:25:08 GMT

GET
BLOB 200
OK 1326b156-fb45-4c4a-bf1c-ae4dd940b983
https://www.wheresgeorge.com/ 594 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.wheresgeorge.com/1326b156-fb45-4c4a-bf1c-ae4dd940b983
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length: 594
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 546 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 191ad33371b27fc1982dd92307fc8961c2f6d8367cbad961ddb47db9e6ebc170

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 79ms
27ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-S1BK99PKLE&gtm=45je3ai0&_p=960483459&ul=en-us&sr=1600x1200&cid=1777577065.1697837108&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.wheresgeorge.com%2F&dt=Where%27s%20George%3F%20-%20Official%20Currency%20Tracking%20Project%20-&sid=1697837108&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S1BK99PKLE&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 numbers11.png
www.wheresgeorge.com/includes/odometer/ 1 KB
2 KB 140ms
140ms Image
image/png 2606:4700:20::ac43:4757
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wheresgeorge.com/includes/odometer/numbers11.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4757 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b925fd0ba0388372309bb41e931b81d430d8331b28f0eaf756af46c8f9d00b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 1512
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sun, 04 Aug 2013 00:21:49 GMT
server: cloudflare
etag: "5e8-4e3142d7f2140"
expect-ct: max-age=86400, enforce
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2h4YWSwVdEU%2BjILGQ%2BsDU3Z0%2FjZbu0iJmZlJDfXma6u3Hw0PWST4GCEepKRPjhm6I9y4iDjznZLy7egFtegfL2sfSsCogCkKOnYA%2BRO5WXVjP8EQLd1wSTmsfTYjktt1eEZm1v3pEDOXp83VGg54QbVp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 819454e63db93651-FRA

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
426 B 156ms
52ms XHR
application/json 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=186905
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: a9b184694166cb0d5bb9cafb43cdbb79fcddca864a6ff8a91eda1a81d2d85701

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires: Sun, 19 Nov 2023 21:25:08 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
364 B 91ms
32ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/186905-129106728116453.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
BLOB 200
OK 2931332c-f822-4053-a252-23e5e031bc38 Show response
https://www.wheresgeorge.com/ 154 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.wheresgeorge.com/2931332c-f822-4053-a252-23e5e031bc38
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/didna_config.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3042ad48ca06efa581001902610542545985cd9f256101a49f8d47ecec3d2375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length: 157499
Content-Type: text/javascript

GET
H2 200 didna-pix.gif
didna.b-cdn.net/ 807 B
1 KB 544ms
179ms Image
image/gif 2400:52e0:1a01::953:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://didna.b-cdn.net/didna-pix.gif?ref_id=38
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a01::953:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-LA1-953 /
Resource Hash: 48c0c0652213b10729997c6c43dcbce4f18f36d011c0ed2dbfd4006808e80569

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
cdn-edgestorageid: 987
cdn-storageserver: LA-457
cdn-cachedat: 10/20/2023 21:25:08
cdn-pullzone: 1025274
content-length: 807
last-modified: Fri, 06 Jan 2023 17:03:07 GMT
server: BunnyCDN-LA1-953
cdn-fileserver: 242
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: image/gif
cdn-cache: BYPASS
cdn-uid: 296f49c8-4088-4b56-b4a4-a6b6d3fc5d40
cache-control: public, max-age=0
cdn-requestid: e0abfc84fed8ec6df104660a8517781e
accept-ranges: bytes
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 146ms
71ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 11 Oct 2023 08:53:04 GMT
server: nginx
etag: W/"65266270-a892"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 21 Oct 2023 21:25:08 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 89ms
30ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 24 Sep 2023 19:33:05 GMT
content-encoding: gzip
age: 2253123
x-guploader-uploadid: ADPycdsxLlKLCVb5W3Djj1V0MEZiayMLPqEhV9H3fgXZaELS3ccW0PQo2-GKz1rWI_UNhL9w3-cScigVqDHesSZuOcxycA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Mon, 23 Sep 2024 19:33:05 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 125ms
43ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 217d3f91a948450bfd992a6b18d4417c
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 132ms
38ms Script
text/javascript 18.155.129.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-34.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:45:52 GMT
content-encoding: gzip
via: 1.1 0a58752d78fb248f2488304f0f93599a.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 67157
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: p2btQ6OHpgnDaIp4fv_uVdy62qdbibhfL2njFL20TarxzgVQRgQ6Xw==

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 14 KB
5 KB 116ms
43ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 17:20:48 GMT
server: cloudflare
age: 211032
etag: W/"650886f0-39ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 819454e73a6c6a78-TXL
expires: Mon, 23 Oct 2023 21:25:08 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 83ms
34ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 10255
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-yyz4527-YYZ
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pxcqfiws6B9KKFcVxA5Gizwx4id8bMRVP%2FoUsmDD22l%2Bmjp%2FjdW6Iz8A4bl20ny6RhUZXe8vmA5Co9%2FS6pEc%2B4pYnT6HS%2FErrcGDtTXYiDEobZv89KiwgWvev3pZfzQenlSCI8Ng%2FuyFyd9xi0A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 819454e70d5d4d88-FRA

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 127ms
23ms Script
application/javascript 2600:9000:223c:1000:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:1000:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:17:48 GMT
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: FRA56-P2
age: 441
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: nDNJ1UWQKagiH5ILVquBx_-MDWrd23Uxpi_NKOOHI0oLgVYefv7nJA==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 87ms
24ms Script
text/javascript 2600:9000:2250:2600:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:2600:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Fri, 20 Oct 2023 06:40:14 GMT
Via: 1.1 1b3f5dc0b3c577dc5e7394bf12aed238.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 53095
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: vh5PhVkbIFrV5ShtVa4NjOZBTOXovfT1KKgb1bj3zciU5r_Nokl96Q==

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 139 KB
30 KB 91ms
42ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfea5e5db4c526a9c86debd0154807b4eaddf36281a55cb3f622e441e5054dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Oct 2023 11:34:12 GMT
server: cloudflare
x-amz-request-id: E3NS28DBFSWCYW6J
age: 1051
etag: W/"e5bbc80dac7ff8597f5b639831f48d87"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 819454e709594d73-FRA
x-amz-id-2: 1bVz0JeLIMeiHdUXZFkrZNRKt2yJ7h/2Q3jA4G0z1eMT41y2CeAImr54lUW7lbQWqIIJvvn6MJA=

GET
BLOB 200
OK b8a277de-bcc8-481c-a1ae-3b7562355ea8 Show response
https://www.wheresgeorge.com/ 606 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/didna_hb/wheresgeorge/wheresgeorge/didna_config.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82d99de88bf7ac91f8e2efe936fb429d4fb86ed97a64d681ebfb12cbc6d590ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length: 620056
Content-Type: text/javascript

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 4 KB
2 KB 81ms
27ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 21:25:08 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Mon, 02 Oct 2023 15:19:34 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 1576944
ETag: W/"4689fed115ceb1ec0446e336376eed1e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Wajd7f4ihDWq24feetmChREfBzVtP6szEmqzyEOT4UHyWveHI%2FIMGAiKrkpI0NJSaIdUyaAetnCyc%2BefiSj%2BOBMBdAIZJXhXExKXF1hgDRqUV9cU9sTU11Z51WsOsVGnF29A3dmnqdk%2FHvk"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 819454e7883665ce-FRA

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
280 B 133ms
28ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d7077300fa&cmd=bid&eidpubcid.org=2c0d706b-ce3b-4648-ba82-a0bf86569986&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash: 4348ec7634589b7bc5e561d0bdd682c3cc1db41d2172cbd9ed91cda6bf6e5364

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
server: ATS/9.1.10.90
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
281 B 135ms
31ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d6b9bc00f9&cmd=bid&eidpubcid.org=2c0d706b-ce3b-4648-ba82-a0bf86569986&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash: 01a3107cd1c0a3ab71db2cb04b159bf23337fb18a8c4356532a2b4ac8f733730

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
server: ATS/9.1.10.90
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
511 B 132ms
27ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d45d4400f1&cmd=bid&eidpubcid.org=2c0d706b-ce3b-4648-ba82-a0bf86569986&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash: 7616add583683a562788e9f894c96426dc6282929440f52cf7980be2225643bc

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
server: ATS/9.1.10.90
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 80

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 144 B
966 B 273ms
193ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2a25066487a693b78aabc22992b80470d463b9cc1376fc1fc25111afd2c1b9d9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
an-x-request-uuid: 55cc4985-9e5b-45ec-a1fd-266cdc791f2b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 144
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 477 B
1006 B 253ms
157ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238888&zone_id=1178360&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!,,1,,,&eid_pubcid.org=2c0d706b-ce3b-4648-ba82-a0bf86569986%5E1&rf=https%3A%2F%2Fwww.wheresgeorge.com%2F&kw=wheresgeorgewhereswillywhere%27sgeorge%3FtrackdolllarbillsWG%3FWGwhereswilly.comwheresgeorge.comtrackdollartrackdollarbillstrackdollardillstrackdollarsdollarsonebillfrbfederalreservebankstracetracingtrackingtracktraceamericanserialnumberseriesdenominationbillswhereisgeorgecurrencymoneylegaltender&tg_i.domain=www.wheresgeorge.com&tg_i.page=https%3A%2F%2Fwww.wheresgeorge.com%2F&tg_i.name=www-wheresgeorge.com&tg_i.pbadslot=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com%2Fleaderboard_1%23leaderboard_1&tk_flint=pbjs_lite_v7.51.0&x_source.tid=1ca74048-6d37-4079-a20d-514d2bbecfbe&l_pb_bid_id=8d46c1bb744d41&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=1ca74048-6d37-4079-a20d-514d2bbecfbe&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com%2Fleaderboard_1%23leaderboard_1&slots=1&rand=0.643896915311291
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5e4e4fbbf6831efac036f014b7c3de90ae9c40dbe417e38669311d69b44b5c69

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 477
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
281 B 140ms
45ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Fri, 20 Oct 2023 21:25:08 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
server: envoy
vary: origin, Accept-Encoding

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 KB
1 KB 233ms
107ms XHR
application/json 2a0c:5c87:5241::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 78789709d38b334c99ee02153e2218d324335cca146bf77f3371068ce9a1e878

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Oct 2023 21:25:08 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.wheresgeorge.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 741

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 566 B
766 B 170ms
65ms XHR
application/json 18.203.132.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1697837108341&to=-120&aun=leaderboard_1&pubcid=2c0d706b-ce3b-4648-ba82-a0bf86569986&gpid=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com%2Fleaderboard_1%23leaderboard_1&fp=0.05&fpc=USD&t=avou7mdw&pi=2&schain=1.0%2C1!%2C%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wheresgeorge.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.51.0%22%7D&ogu=null&ns=10240
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.132.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-132-178.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a46c2b4055b04ab7be5895499c0137d55b7d7dc062991d24911e9f9737109274

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 549ms
299ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Fri, 20 Oct 2023 21:25:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
549 B 99ms
41ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=360263
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ac7d0587d7bc78da350e83b647bda5cf517525d42f56f420f99e3f8ae42d46d

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xIhdwwaIXjuQAiT9iyCgaQ0B4TWrtxwhQkHgUzDk56iLnUjvkspU6J%2BhI2gG1qeyUXXlekZVsmwrhCcMv%2FCpckA5YkDJ7LmEju3y5ISszR2P2FfobT0qASxDxNheTHBWGgpsZN1Q"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 819454e79dedbbe9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 105 B
455 B 185ms
55ms XHR
application/json 52.48.84.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.84.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-84-121.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 7531cf29a8ff299363b3a09f01e2832e26cc5cf723e6cf66dce09ec9a775515e

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.wheresgeorge.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
368 B 86ms
25ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
262 B 89ms
31ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 87c9f2b1e07276339f7596602a069bc2a8a235ed9f062f0f64f13f63231a6cd0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp&cc=1

85 B
202 B

138ms
138ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp&cc=1
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 0f6cb26fa8d4dd77e78a2aca561999305724b6d0744feaffb732515088816ecc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-A7atE2ZW3YSs2ZUSfNX0n13Yqc0"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 20 Oct 2023 21:25:08 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.wheresgeorge.com
location: /esp?url=https%3A%2F%2Fwww.wheresgeorge.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
236 B 89ms
25ms XHR
text/plain 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Fri, 20 Oct 2023 21:25:08 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST headerstats
as-sec.casalemedia.com/ 0
0

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
494 B 114ms
40ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 237ae56f93356cf81e852cab9bc4a59ffbee897a53dfeff74ea75708312c59fb

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 58af5dfa2d1989cd9bdc23289bc9648d
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
content-length: 221
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58813/ 2 B
207 B 117ms
23ms XHR
application/json 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fwww.wheresgeorge.com%2F

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://www.wheresgeorge.com
content-type: application/json
access-control-allow-credentials: true

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
339 B 152ms
45ms XHR
application/json 52.48.164.189
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.164.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-164-189.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: d0236454acf0ccfa521df838aff3a5ce6ebba333518c11cfb187bc22c3771764

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache
x-server: 10.45.24.215
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
254 B 155ms
109ms XHR
application/json 2600:1901:0:8344::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&src=esp&ver=1.1.0
Requested by: Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ob.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F230 15 KB
6 KB 123ms
42ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.wheresgeorge.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 21:25:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 340797
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 script.js Show response
cadmus.script.ac/dahhc4ozyvjm6/ 132 KB
47 KB 103ms
39ms Script
application/javascript 2606:4700::6812:1691
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b76fee2711a5ad963ea92ffda8f30870fe9ad7d544d5eaf55ba6a43a2d5d32f3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
last-modified: Fri, 20 Oct 2023 16:18:03 GMT
server: cloudflare
age: 0
etag: W/"67e8e96dae06a1f9b3ffb0918bbde23a596265fc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray: 819454e82d702c3e-FRA

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 75 KB
24 KB 150ms
104ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 21:25:08 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 02 Oct 2023 15:19:33 GMT
Server: cloudflare
ETag: W/"0680a0a53dae661d4707e1cc0f6bc95a"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BLZbdV7Jp7FiNqxWiR5I%2FZIxJdCved6OACLbmZtWunHxCQTy1EzPSVt1YqjmuS7JjSbLzarXlKFTx%2Fsah1N9a%2BpvZ7n7FM%2FJ94RZ31qvmSCz0NRExhE1mDrwRGhJKHV99M6jFyRjQXohUEgq"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 819454e80a3839f1-FRA

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
311 B 42ms
38ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=360263
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f663376979958104f33f3b90d7d1a8f72a8a9ff46f5b70d33959bbbc233f123

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ca1j6FeUCCWBTdeNKhzERERRo5m81%2Bn6%2FHK07tbei7sh45VHwqvamRLHz9%2BGxxk9EG0Xq3fmazW7AmEWzGdFYe3obcbiJN%2FZeDat3F6BrDi06%2BRoJD6vNuyrSrzIZY3aSNPL68kO"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 819454e80e89bbe9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
367 B 27ms
24ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 105 B
456 B 56ms
52ms XHR
application/json 52.48.84.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.84.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-84-121.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: a381604916cc21a78cfceb05588662edc3cc5685eb7cef4197ded488bf0602ec

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.wheresgeorge.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
113 B 35ms
31ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5067700f3&cmd=bid&eidpubcid.org=2c0d706b-ce3b-4648-ba82-a0bf86569986&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash: 7bb94a509ecf80a1a64c5f29ec92fa83ddc10d0bdf25bf4e79adc3d7137dce8c

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
server: ATS/9.1.10.90
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
113 B 33ms
29ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5637f00f4&cmd=bid&eidpubcid.org=2c0d706b-ce3b-4648-ba82-a0bf86569986&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash: e5b0d8f6913dbea8a3f2653cf9c999d6fe68367997d42c82bcc395d630a7ee04

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
server: ATS/9.1.10.90
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 80

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
61 B 398ms
277ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Fri, 20 Oct 2023 21:25:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
138 B 33ms
31ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 5d88e5892489cdfe35fea30412bfd1bbb58e47313ffa28041e7d495eb0375d44

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 2 KB
1 KB 167ms
78ms XHR
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 5e9005f19c2048aba039d84f1ea0b0c988ae4ac53bb69f79adc8d2eca1adda01

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Oct 2023 21:25:08 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.wheresgeorge.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 731

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 468 B
818 B 160ms
158ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238888&zone_id=1178360&size_id=15&alt_size_ids=16&rp_schain=1.0,1!,,1,,,&eid_pubcid.org=2c0d706b-ce3b-4648-ba82-a0bf86569986%5E1&rf=https%3A%2F%2Fwww.wheresgeorge.com%2F&kw=wheresgeorgewhereswillywhere%27sgeorge%3FtrackdolllarbillsWG%3FWGwhereswilly.comwheresgeorge.comtrackdollartrackdollarbillstrackdollardillstrackdollarsdollarsonebillfrbfederalreservebankstracetracingtrackingtracktraceamericanserialnumberseriesdenominationbillswhereisgeorgecurrencymoneylegaltender&tg_i.domain=www.wheresgeorge.com&tg_i.page=https%3A%2F%2Fwww.wheresgeorge.com%2F&tg_i.name=www-wheresgeorge.com&tg_i.pbadslot=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com%2Frectangle_1%23rectangle_1&tk_flint=pbjs_lite_v7.51.0&x_source.tid=dd2a35de-f9de-43a9-a359-a7f4f2ca9623&l_pb_bid_id=46d55486ae2d141&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=dd2a35de-f9de-43a9-a359-a7f4f2ca9623&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com%2Frectangle_1%23rectangle_1&slots=1&rand=0.042074282334369384
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f128a7ed2c898a5fce25e0d15b3b000277638635c76c9591c1d53c3bdde5b06f

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 468
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 566 B
765 B 62ms
61ms XHR
application/json 18.203.132.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1697837108474&to=-120&aun=rectangle_1&pubcid=2c0d706b-ce3b-4648-ba82-a0bf86569986&gpid=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com%2Frectangle_1%23rectangle_1&fp=0.05&fpc=USD&t=avou7mdw&pi=2&schain=1.0%2C1!%2C%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wheresgeorge.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.51.0%22%7D&ogu=null&ns=10240
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.132.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-132-178.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2f97d377118fc8687b96087655b08277bb852fe448884969ec9c6dd1b1000cf1

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
133 B 33ms
33ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Fri, 20 Oct 2023 21:25:08 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 5
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
967 B 143ms
143ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

21c097c0cf39691b5e7ad7bf8196510c9a7e4487d8e48561fca72eb33de4887a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
an-x-request-uuid: dea4cbb9-18d5-47a0-8a2d-f2b2d14512be
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
138 B 30ms
29ms XHR
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: ed4106a25b100a5e06250410c4d68d4398f1febd9253a9e234ac48eb58a74e88

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
via: 1.1 google
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 145 B
967 B 137ms
137ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

74ffdd4c700de1f0b0b46463f2bffb0e42fe112a1cba7ce7b7b74500937d6215

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
an-x-request-uuid: ef2580c9-1636-4c10-bff6-1ae6facc69ab
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.28; 217.114.218.28; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 145
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
117 B 376ms
263ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Fri, 20 Oct 2023 21:25:08 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
113 B 30ms
30ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d5ccaa00f5&cmd=bid&eidpubcid.org=2c0d706b-ce3b-4648-ba82-a0bf86569986&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash: b9c88b5408e22e86a4bbc13ebc7ac5947e895dc4f9eb08ff6dfa2253162f6aef

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
server: ATS/9.1.10.90
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 80

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
113 B 29ms
29ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691d0017070401401403a11d30006&pos=8a9698ab01747406698907d6092b00f6&cmd=bid&eidpubcid.org=2c0d706b-ce3b-4648-ba82-a0bf86569986&secure=1
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash: 239b2c74a6eac8c28328adaf4acc2ed0b9e604117776217814e77b88c44187fe

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
server: ATS/9.1.10.90
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-allow-credentials: true
content-length: 80

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 37 B
313 B 41ms
40ms XHR
application/json 104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=360263
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 964b50b997b8371810caf105b8a4eaea21381f69ba4b9e0dfa57a60f67559cce

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQk3lHy%2FOHJsynI4GRkH9PgNV6LGpDpsuFYd5yoGg%2B0koWJpA6RhJJ%2B9ekCk0pJDQ4HnTDwHBqM6uq14yCj0RGbk079ijtP8RBZOQP9CVGtmIROPf%2FUrsrOaPS%2BTtuPlrmLxGpVo"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 819454e81e9bbbe9-FRA
alt-svc: h3=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
367 B 24ms
23ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 566 B
765 B 60ms
60ms XHR
application/json 18.203.132.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1697837108483&to=-120&aun=skyscraper_1&pubcid=2c0d706b-ce3b-4648-ba82-a0bf86569986&gpid=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com%2Fskyscraper_1%23skyscraper_1&fp=0.05&fpc=USD&t=avou7mdw&pi=2&schain=1.0%2C1!%2C%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.wheresgeorge.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.51.0%22%7D&ogu=null&ns=10240
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.132.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-132-178.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ab5e855f62390a3cc3eb6c578f8ab11688a92eebca11a13e6b7991fd0f219a50

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
157 B 32ms
32ms XHR
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Fri, 20 Oct 2023 21:25:07 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 105 B
455 B 84ms
84ms XHR
application/json 52.48.84.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.48.84.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-84-121.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 5b8ecb8d57cc6b1cdb2cbb67fefbf5ff214131d03c2a802719d3d5b2b536cdb3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.wheresgeorge.com
content-type: application/json
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 472 B
822 B 151ms
151ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20100&site_id=238888&zone_id=1178360&size_id=9&alt_size_ids=8&rp_schain=1.0,1!,,1,,,&eid_pubcid.org=2c0d706b-ce3b-4648-ba82-a0bf86569986%5E1&rf=https%3A%2F%2Fwww.wheresgeorge.com%2F&kw=wheresgeorgewhereswillywhere%27sgeorge%3FtrackdolllarbillsWG%3FWGwhereswilly.comwheresgeorge.comtrackdollartrackdollarbillstrackdollardillstrackdollarsdollarsonebillfrbfederalreservebankstracetracingtrackingtracktraceamericanserialnumberseriesdenominationbillswhereisgeorgecurrencymoneylegaltender&tg_i.domain=www.wheresgeorge.com&tg_i.page=https%3A%2F%2Fwww.wheresgeorge.com%2F&tg_i.name=www-wheresgeorge.com&tg_i.pbadslot=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com%2Fskyscraper_1%23skyscraper_1&tk_flint=pbjs_lite_v7.51.0&x_source.tid=9c8ecca3-5057-4a03-bb39-698e1740dc10&l_pb_bid_id=7584cbc6d9be71a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=9c8ecca3-5057-4a03-bb39-698e1740dc10&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F170737076%2C1069408%2Fdisplay%2FWheresGeorge%2Fwheresgeorge.com%2Fskyscraper_1%23skyscraper_1&slots=1&rand=0.7896299991890285
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9b24b15b4175a61bde046fdb61388d3a600de297006a5c73556be70879c51415

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 472
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK / Show response
ghb2.adtelligent.com/v2/auction/ 2 KB
1 KB 152ms
68ms XHR
application/json 2a0c:5c87:5239::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb2.adtelligent.com/v2/auction/
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 51e41a8798f1b5e201a822bc15c8c817d993767fc5ae88a7cf36697998c15873

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 20 Oct 2023 21:25:08 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.wheresgeorge.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 752

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 180ms
118ms Preflight
text/plain 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.wheresgeorge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Fri, 20 Oct 2023 21:25:08 GMT
server: nginx/1.21.6
via: 1.1 google

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 120ms
120ms XHR
application/octet-stream 34.95.69.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 20 Oct 2023 21:25:08 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

sid Show response
mug.criteo.com/ Frame F230
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=wheresgeorge.com&sn=ChromeSyncframe&so=0&topUrl=www.wheresgeorge.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=i4wlx3w3YXRRZWRaaXQvSXh2Z1FHbnBscExvTWE3UTd1cFV2TDZJNnN6TVYvZHFOVTdqbm11bFhaYVhDNnI3dWZSZU5PWjZNQ0lNM3R2QU02cU9UemwrQTBESURFbjFnTEN4Rmt6MWxLWUZZeCtoRFYvakdreGtHNks3cy...

457 B
672 B

41ms
40ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=i4wlx3w3YXRRZWRaaXQvSXh2Z1FHbnBscExvTWE3UTd1cFV2TDZJNnN6TVYvZHFOVTdqbm11bFhaYVhDNnI3dWZSZU5PWjZNQ0lNM3R2QU02cU9UemwrQTBESURFbjFnTEN4Rmt6MWxLWUZZeCtoRFYvakdreGtHNks3cy9nZ0ROenJFSTVUUVZWZ05pVm4ydFlUTmd1ZlpySUhLRWJlb2xEQ3dDZUVmRTRsbllDYm9ub0I4TVRpUmE4SE83Zy9US0RtODQxa0szWVB3SkExZkZ1ckMwWkFBR2NRRE84SHJmcVNEMEZFOFVoQ29wVjdiNENyRGFXdyt3bE9nVm03d2Jzd3gxcmZka21Jb28xVjlGQ2RvU2tLYjd0YTNtdnVVUGQ3UEluUk9PWXRkN0x1bz18&cppv=2

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2ae9dcd6b621e25b29ecbe420b68c729c19f6b38901dc07924392de8e2e9555c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:08 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1149647
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=i4wlx3w3YXRRZWRaaXQvSXh2Z1FHbnBscExvTWE3UTd1cFV2TDZJNnN6TVYvZHFOVTdqbm11bFhaYVhDNnI3dWZSZU5PWjZNQ0lNM3R2QU02cU9UemwrQTBESURFbjFnTEN4Rmt6MWxLWUZZeCtoRFYvakdreGtHNks3cy9nZ0ROenJFSTVUUVZWZ05pVm4ydFlUTmd1ZlpySUhLRWJlb2xEQ3dDZUVmRTRsbllDYm9ub0I4TVRpUmE4SE83Zy9US0RtODQxa0szWVB3SkExZkZ1ckMwWkFBR2NRRE84SHJmcVNEMEZFOFVoQ29wVjdiNENyRGFXdyt3bE9nVm03d2Jzd3gxcmZka21Jb28xVjlGQ2RvU2tLYjd0YTNtdnVVUGQ3UEluUk9PWXRkN0x1bz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 210595
content-length: 0
expires: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame B897 0
176 B 100ms
35ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 20 Oct 2023 21:25:08 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
12 KB 677ms
677ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1409675492831945&correlator=556218153128910&eid=31078969&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=170737076%3A1069408%2Cdisplay%2CWheresGeorge%2Cwheresgeorge.com%2Cskyscraper_1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=160x600%7C120x600&ifi=1&didk=1113917480&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697837108873&lmt=1697829908&adxs=350&adys=491&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.wheresgeorge.com%2F&vis=1&psz=0x0&msz=60x0&fws=0&ohw=0&ga_vid=1777577065.1697837108&ga_sid=1697837109&ga_hid=960483459&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpJjp97QxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjVmun3tDFIAFICCG8SOwoKcHViY2lkLm9yZxIkMmMwZDcwNmItY2UzYi00NjQ4LWJhODItYTBiZjg2NTY5OTg2GJOZ6fe0MUgAEhgKCXlhaG9vLmNvbRitmen3tDFIAFICCG8SwgEKCHJ0YmhvdXNlEqwBK2pJV0ZlV2dIQnQyUUJLUUNwR0d4c1lkaUI2ZU9VNGxUZ3Q5VkloTXJPVmxmN1FtVndEZlNVckdQaDk3V1JobHlSRVBSZ3FLUFN3cEhOdE9FRTJKMWV4KzZMbmRaYXJvRU4rOXJQN013R3JKdm9sMStiWC9BOENUTm5XbWtObXJxekdRSDk2Rkh3T0d0aWxRdXFtelhvVXNaMElqc2pFT2VJTnJOazZ6b0xzPRidmun3tDFIABIdCg5lc3AuY3JpdGVvLmNvbRijmOn3tDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pVnpGTmVWZFZRV1ZTVXl0M00wOUpRMHBqVmxGYVFUMDlJbjA9GIac6fe0MUgAEhkKCnVpZGFwaS5jb20YpJjp97QxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiHmun3tDFIAFICCGo.&dlt=1697837107121&idt=1086&prev_scp=auid%3Dskyscraper_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse%26refresh-iteration%3D0&cust_params=pub%3Dwww.wheresgeorge.com%26path%3D%252F&adks=287370258&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48b1dfc59e63a17c1135cef11ab2ef32ea19715a9aaed620561b76a061ce3e5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12461
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
78d126189053d3b053cee713f6b0f6e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9E43 6 KB
3 KB 102ms
27ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://78d126189053d3b053cee713f6b0f6e8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 21:25:08 GMT
expires: Sat, 19 Oct 2024 21:25:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
14 KB 703ms
703ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1409675492831945&correlator=3269376370096290&eid=31078969&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=170737076%3A1069408%2Cdisplay%2CWheresGeorge%2Cwheresgeorge.com%2Crectangle_1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C336x280&ifi=2&didk=3701212228&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697837108889&lmt=1697829908&adxs=946&adys=812&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.wheresgeorge.com%2F&vis=1&psz=300x0&msz=300x0&fws=4&ohw=710&ga_vid=1777577065.1697837108&ga_sid=1697837109&ga_hid=960483459&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpJjp97QxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjVmun3tDFIAFICCG8SOwoKcHViY2lkLm9yZxIkMmMwZDcwNmItY2UzYi00NjQ4LWJhODItYTBiZjg2NTY5OTg2GJOZ6fe0MUgAEhgKCXlhaG9vLmNvbRitmen3tDFIAFICCG8SwgEKCHJ0YmhvdXNlEqwBK2pJV0ZlV2dIQnQyUUJLUUNwR0d4c1lkaUI2ZU9VNGxUZ3Q5VkloTXJPVmxmN1FtVndEZlNVckdQaDk3V1JobHlSRVBSZ3FLUFN3cEhOdE9FRTJKMWV4KzZMbmRaYXJvRU4rOXJQN013R3JKdm9sMStiWC9BOENUTm5XbWtObXJxekdRSDk2Rkh3T0d0aWxRdXFtelhvVXNaMElqc2pFT2VJTnJOazZ6b0xzPRidmun3tDFIABIdCg5lc3AuY3JpdGVvLmNvbRijmOn3tDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pVnpGTmVWZFZRV1ZTVXl0M00wOUpRMHBqVmxGYVFUMDlJbjA9GIac6fe0MUgAEhkKCnVpZGFwaS5jb20YpJjp97QxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiHmun3tDFIAFICCGo.&dlt=1697837107121&idt=1086&prev_scp=auid%3Drectangle_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse%26refresh-iteration%3D0&cust_params=pub%3Dwww.wheresgeorge.com%26path%3D%252F&adks=846229692&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4487ec45e0058fe459dbd0ac729b1ca0c2a3a035595b80d36ab8991fd8b144ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13931
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
16 KB 503ms
503ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1409675492831945&correlator=4163321041797887&eid=31078969&output=ldjh&gdfp_req=1&vrg=202310180101&ptt=17&impl=fifs&iu_parts=170737076%3A1069408%2Cdisplay%2CWheresGeorge%2Cwheresgeorge.com%2Cleaderboard_1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C468x60%7C970x90&ifi=3&didk=3855194978&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1697837108901&lmt=1697829908&adxs=437&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.wheresgeorge.com%2F&vis=1&psz=0x0&msz=969x0&fws=0&ohw=0&ga_vid=1777577065.1697837108&ga_sid=1697837109&ga_hid=960483459&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYpJjp97QxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjVmun3tDFIAFICCG8SOwoKcHViY2lkLm9yZxIkMmMwZDcwNmItY2UzYi00NjQ4LWJhODItYTBiZjg2NTY5OTg2GJOZ6fe0MUgAEhgKCXlhaG9vLmNvbRitmen3tDFIAFICCG8SwgEKCHJ0YmhvdXNlEqwBK2pJV0ZlV2dIQnQyUUJLUUNwR0d4c1lkaUI2ZU9VNGxUZ3Q5VkloTXJPVmxmN1FtVndEZlNVckdQaDk3V1JobHlSRVBSZ3FLUFN3cEhOdE9FRTJKMWV4KzZMbmRaYXJvRU4rOXJQN013R3JKdm9sMStiWC9BOENUTm5XbWtObXJxekdRSDk2Rkh3T0d0aWxRdXFtelhvVXNaMElqc2pFT2VJTnJOazZ6b0xzPRidmun3tDFIABIdCg5lc3AuY3JpdGVvLmNvbRijmOn3tDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pVnpGTmVWZFZRV1ZTVXl0M00wOUpRMHBqVmxGYVFUMDlJbjA9GIac6fe0MUgAEhkKCnVpZGFwaS5jb20YpJjp97QxSABSAghkEhsKDGlkNS1zeW5jLmNvbRiHmun3tDFIAFICCGo.&dlt=1697837107121&idt=1086&prev_scp=auid%3Dleaderboard_1%26adLocation%3Datf%26didna_vis%3Dtrue%26didna_refr%3Dfalse%26refresh-iteration%3D0&cust_params=pub%3Dwww.wheresgeorge.com%26path%3D%252F&adks=2270674399&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba9228b7d9dc284ccff0ec07012335ac00e0a4151b230710174df3f5d6813353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:09 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16239
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wheresgeorge.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310061803000/ Frame 1B1C 196 KB
55 KB 138ms
51ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34104800b8b7644a2d64c2816157a532e0be6adf06925aa572afdeab8992fe2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 188297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56106
x-xss-protection: 0
server: sffe
etag: "6471d1057e0de0bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame 1B1C 15 KB
5 KB 133ms
47ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a7eeeb8d2863980375bd8e690639e5d3826305376ac7aa3988c65778b860852

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 188297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5216
x-xss-protection: 0
server: sffe
etag: "c5e6042816070d0a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame 1B1C 95 KB
29 KB 105ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21ceb851783799cb96a8875271866118c846e43e44567a2aee4d8a8b3a5ae68

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 188297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29020
x-xss-protection: 0
server: sffe
etag: "9aef0fcfd5306f20"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame 1B1C 5 KB
2 KB 136ms
51ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c8432058aae2047bf8e033cf675c25cbc7f476af9d719b0ff19962237b523f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 188297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1918
x-xss-protection: 0
server: sffe
etag: "d9a3fbf21fc2b678"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame 1B1C 40 KB
13 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c60c296b3472130b7ace33547b38bc4f2107658891ad3fa6d39b181eab916cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 188297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "16aa7f89b2c84c04"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1B1C 14 KB
2 KB 78ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 21:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 20:34:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 21:25:09 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1B1C 2 KB
3 KB 68ms
20ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 352
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Oct 2023 21:19:17 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1B1C 295 B
371 B 68ms
21ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 352
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Oct 2023 21:19:17 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/4165319128741995548/ Frame 1B1C 4 KB
4 KB 65ms
21ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4165319128741995548/14763004658117789537?w=195&h=102&tw=1&q=75

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d688020ec62e9ad187a7ffd6d9bcfa623d00b9b93e567001a2da83a58dd210

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 08:19:26 GMT
x-content-type-options: nosniff
age: 306343
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4204
x-xss-protection: 0
last-modified: Thu, 02 Feb 2023 11:00:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Oct 2024 08:19:26 GMT

GET
DATA 200
OK truncated
/ Frame 1B1C 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1B1C 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 1B1C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1413c5f97fe55d83fd0d2f436ad5185e70b9830bad9140b0b2d8fd92c1857b89

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1B1C 33 KB
34 KB 67ms
21ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wheresgeorge.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 577268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 05:04:01 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310061803000/ Frame F49E 196 KB
55 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e34104800b8b7644a2d64c2816157a532e0be6adf06925aa572afdeab8992fe2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 188297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56106
x-xss-protection: 0
server: sffe
etag: "6471d1057e0de0bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame F49E 15 KB
5 KB 29ms
27ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a7eeeb8d2863980375bd8e690639e5d3826305376ac7aa3988c65778b860852

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 188297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5216
x-xss-protection: 0
server: sffe
etag: "c5e6042816070d0a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame F49E 95 KB
28 KB 30ms
28ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21ceb851783799cb96a8875271866118c846e43e44567a2aee4d8a8b3a5ae68

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 188297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29020
x-xss-protection: 0
server: sffe
etag: "9aef0fcfd5306f20"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame F49E 5 KB
2 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06c8432058aae2047bf8e033cf675c25cbc7f476af9d719b0ff19962237b523f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 188297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1918
x-xss-protection: 0
server: sffe
etag: "d9a3fbf21fc2b678"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310061803000/v0/ Frame F49E 40 KB
13 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310061803000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c60c296b3472130b7ace33547b38bc4f2107658891ad3fa6d39b181eab916cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 18 Oct 2023 17:06:52 GMT
age: 188297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "16aa7f89b2c84c04"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 17 Oct 2024 17:06:52 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F49E 2 KB
3 KB 21ms
20ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 352
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Oct 2023 21:19:17 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F49E 295 B
353 B 22ms
21ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 352
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Oct 2023 21:19:17 GMT

GET
DATA 200
OK truncated
/ Frame F49E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f47bc58eabe2d9b9dc3167b6c750f488fab278a9d592e215a4b1cb30b306ee33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 9319737336595284849
tpc.googlesyndication.com/simgad/ Frame F49E 133 KB
133 KB 21ms
21ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9319737336595284849

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5505bd4addf007be39b37c455d8c8e661e1bc1fb7937b8bcc72b66cba3bbd46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 04:45:18 GMT
x-content-type-options: nosniff
age: 319191
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136486
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 03:49:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Oct 2024 04:45:18 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032310161805000/ Frame D72C 196 KB
55 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032310161805000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a9dc4362151404a06e3587d42469c831510b1f024b3a81fa0aaa9ad6d760805

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Oct 2023 22:13:53 GMT
age: 256276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56155
x-xss-protection: 0
server: sffe
etag: "36eb25b9c8773ac9"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Oct 2024 22:13:53 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032310161805000/v0/ Frame D72C 15 KB
5 KB 57ms
54ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032310161805000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b545845a2273d287b89de2dad629d30137ceb38d1ce78fa423e6980c00b368f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Oct 2023 22:13:53 GMT
age: 256276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5214
x-xss-protection: 0
server: sffe
etag: "074ac5099ebe1c18"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Oct 2024 22:13:53 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032310161805000/v0/ Frame D72C 94 KB
28 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032310161805000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ba86813c2f8c836d52722a88a63de130aa006799e180ab3649adf02d1a4a0cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Oct 2023 22:13:53 GMT
age: 256276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29090
x-xss-protection: 0
server: sffe
etag: "28725fc6b633962c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Oct 2024 22:13:53 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032310161805000/v0/ Frame D72C 5 KB
2 KB 62ms
59ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032310161805000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcbc708657f35c221e95dc2b142ea95a0c45653489b7823f29284b18afe92785

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Oct 2023 22:13:53 GMT
age: 256276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "6742f79812773482"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Oct 2024 22:13:53 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032310161805000/v0/ Frame D72C 40 KB
13 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032310161805000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

296be36e260dedaaf7a6cadd800abc5bdfaf2873f8dfcef7f350862aae28c311

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 17 Oct 2023 22:13:53 GMT
age: 256276
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12961
x-xss-protection: 0
server: sffe
etag: "7f93bdbf69ef7d3d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 16 Oct 2024 22:13:53 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D72C 14 KB
1 KB 31ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 20 Oct 2023 21:25:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 20 Oct 2023 20:38:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Oct 2023 21:25:09 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D72C 2 KB
2 KB 20ms
18ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 352
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Oct 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D72C 295 B
319 B 22ms
20ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 352
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Oct 2023 21:19:17 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1B1C 2 KB
2 KB 20ms
19ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 352
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Oct 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1B1C 295 B
319 B 20ms
19ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 352
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Oct 2023 21:19:17 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/96333844948653529/ Frame D72C 1 KB
1 KB 19ms
18ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/96333844948653529/14763004658117789537?w=100&h=100

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a7654e7d94b49e58e5ab4c87db254b7e5f97d9a80a7439252cd72452b4ec1db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 02:02:24 GMT
x-content-type-options: nosniff
age: 69765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1420
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 16:56:27 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 19 Oct 2024 02:02:24 GMT

GET
H3 200 12056422195906267636
tpc.googlesyndication.com/simgad/ Frame D72C 12 KB
12 KB 19ms
19ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12056422195906267636?w=100&h=100&tw=1&q=75

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c819a9bee3e9535d4eaa2b2876e992318fb9779db0a1bbdbcdb5c491db483695

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 07:33:40 GMT
x-content-type-options: nosniff
age: 309089
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12076
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 17:37:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Oct 2024 07:33:40 GMT

GET
DATA 200
OK truncated
/ Frame D72C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7996dbed9eea9d3b7aa943654695f0bb6c6de2d1b0654b47309586b609cc04ad

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame D72C 33 KB
33 KB 19ms
18ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.wheresgeorge.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 14 Oct 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 577268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Oct 2024 05:04:01 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F49E
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

81ms
29ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Redirect headers

date: Fri, 20 Oct 2023 21:25:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 9319737336595284849
tpc.googlesyndication.com/simgad/ Frame F49E 133 KB
133 KB 21ms
20ms Image
image/gif 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9319737336595284849

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5505bd4addf007be39b37c455d8c8e661e1bc1fb7937b8bcc72b66cba3bbd46f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 04:45:18 GMT
x-content-type-options: nosniff
age: 319191
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136486
x-xss-protection: 0
last-modified: Tue, 17 Oct 2023 03:49:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 16 Oct 2024 04:45:18 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F49E 2 KB
2 KB 29ms
27ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 352
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Sat, 21 Oct 2023 21:19:17 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F49E 295 B
319 B 29ms
28ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310061803000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:19:17 GMT
x-content-type-options: nosniff
server: cafe
age: 352
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 21 Oct 2023 21:19:17 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1B1C 0
0 65ms
64ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKVBQNPAyZev_OdfbgAe_lJn4AZKp7q1zreny44IRue7wyKoBEAEgtJD6ImCVgoCAmAegAf67tdsDyAEJqQJ1-AcuysSxPuACAKgDAcgDCqoEmgJP0ORH3YqcKb-pRyTC-wfkXBmpJJOqJZZQK9sVdGuCV-mI2kLZSHM-DGy3PPPTeCj5uMEu_zI3PtbKTut4dNSOEevO9Wk9p5DJ1G3xUYUFMPlkUTcSpLJNt6iaE7-KREilOjKdc_EYvTz-DAqUhvXrSX3DBqJqdIznTPqiBh4DaD1xGxa2q_4WohrQiKEVcR1-xB9V2jAqEgGFj0kvZcXzGZEQUmp_SWU4lDdKsoYwmRrSTHoeK9idpRGyBTm86AO3cTLdqzfW3p9qMLREcaB57pMpMnEA7XUYKoto2Wq5P582fJxNYTRRDxKxkYrr_a06vMfdB1wEgjJ7y5mWiLjWiyt8fDLeATCb0HuDQh5TmoC1-siYoz3Djf_ABOqiiY2NBOAEAYgFyYTbkUmgBi6AB-rDyiSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCSjATSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgkUaHR0cDovL21hcmlvbm5hdWQuYXSACgHICwHiDRMImbmOjsiFggMV1y3gCh0_SgYf2BMD0BUBmBYBgBcBshceChwIABIUcHViLTI4Mjk0MTEzOTk3NjI0ODcY3IoV&sigh=Fk7EX6qv8HE&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaN6VH4rFuOeO6_CDbvdDwiDJi-hnlHwVJjoMhiwM_4pbZ7HeRPrusKshxbpq2OTDS5soU9sqa7zOemb-eBsGrcbzCviRW-ohgB&template_id=5000&cbvp=2
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D72C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

80ms
37ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H2
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Redirect headers

date: Fri, 20 Oct 2023 21:25:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F49E 0
0 66ms
65ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaXlFNPAyZYXlOKmxx_AP6qSq4AS2o6Xbc_K43MevEc_33Zi6ARABILSQ-iJglYKAgJgHoAG-8POVA8gBA-ACAKgDAcgDCKoElAJP0CYYMIDdEInL1jH-sE4hsMPv8OXysMjUX5AToXFAleBE9nOPmNYZGSviD7Oi-y1JPHbfsXgZSsxAYXSobq4r8lBNBsWS4WOOGC1akXC9etkxF4nk_AwswDB5C32NKcS_6jCea83IfIxdt7VfGxBc4NXCeCRV5S6TClgpUfHZPmkVM06AXev80_wWoV87_eLKpN6dIPVSP-tMZjX0jZmSLVWTLXvbPJJAyImdBJxoGmK3GvYRcBUIA7TVSkesnMbsitv6HDscXqswAqeDHeMTFX7J2CFrhrzSIo348JVplhHscXcZTq5QZ0v-BEaEgNT8yI1hFkhK4h0Mk60kE4K93Si-slJTfySM-T0Wp6UlJJV9Hg3ABIOzs8u4BOAEAYgF7pLzykuSBQQIBBgBkgUECAUYBKAGA4AH4MPRjAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCP_APSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6mgn6AWh0dHBzOi8vZGUuanVzdGZhc2hpb25ub3cuY29tL2NvbGxlY3Rpb25zL2RhbWVubW9kZS1zdGlsP2FkcD0xNDY4NDc0NywxNTU2NDUxOCwxNTg5Mzc1NSwxNTkzNDAzNiwxNDE0ODE2NCwxNTkzODUxNywxNDIyMDgxNiwxNDIxODIxMSZ0cmlnZ2VyPTE0Njg0NzUwLDE1NTY0NTIwLDE1ODkzNzU3LDE1OTM0MDM4JmFzc2V0X2lkPTIwMTY2NjAmY3JlYXRpdmU9Njc3MzU0MDM5NDE1JnV0bV9jb2RlPUcwMTYxMDM4MzkxTEY3MDIxOTQ3MTcwNjiACgHICwGiDAwqCgoI5LSxAu61sQLiDRMIi5yNjsiFggMVqdgRCB1qkgpM2BMM0BUBgBcBshceChwIABIUcHViLTI4Mjk0MTEzOTk3NjI0ODcY3IoV&sigh=CukkS9Ax9x0&uach_m=[]&ase=2&nis=5&cid=CAQSTADICaaNs75lZP881gg9X0PVyqKyiDyS9G7QUAnpRHYCUen6r84ZgF7hM-19TQPcClbDkfyXh_kqNhXHwTGfaxi5UYZMd4DfKnm4rOkYAQ&cbvp=2
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D72C 0
0 64ms
64ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaYjjNPAyZYfGOYT4gAeLv4XwDKvd5NBz37iFxrwSzeyhjYVCEAEgtJD6ImCVgoCAmAegAeqok_0DyAEB4AIAqAMByAMKqgSXAk_QhiuvK5moWVkqz2O8VbdYmQZ9hWh5B0iUpqyO2sNW0O-gjmJCzYipBM3xk9fWGlpFyJjM8hVapjvjc97vyRj8iV1xALK-1xC-pf3GCH7QtRtSUkevNDVSql7AzFbVGqjRO0dE-VC8me4mKIJpnhKbbHc0HbHVSo08gn-7IyL6WgetqE577wOBhapMYo3EyZgwNQBhLDs5Hgedk3WMontRRVeoyymKt6EoNI58ARlw8kwsaeXZk1yffMtWAx4zCXayGelqXmVmbCUWnAi77G0Aal1P3Sw2UW_wBT-ZZmSVMqhtFVcQh1VcaTPOXn3IVN2HqoA2uSyPxEeVYyrGlr3Zzo4Czsa95jlNxDb3wZIblDvdCvKckcAEzfiFiLsE4AQBiAWL7o_ZS5IFBAgEGAGSBQQIBRgEgAf-1uwCqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ9IsV0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOpoJZGh0dHBzOi8vd3d3Lm1vemlsbGEub3JnL2RlL2ZpcmVmb3gvP3V0bV9tZWRpdW09cGFpZGRpc3BsYXkmdXRtX3NvdXJjZT1nb29nbGUtcmRhJnV0bV9jYW1wYWlnbj1jdGQtZGWACgHICwHiDRMIm_GNjsiFggMVBDzgCh2LXwHO2BMN0BUBmBYBgBcBshceChwIABIUcHViLTI4Mjk0MTEzOTk3NjI0ODcY3IoV&sigh=Wz90U3tqdgA&uach_m=[]&ase=2&nis=5&cid=CAQSSwDICaaN3jNCiXE5eVfFsB2L72VTZjoixmgKjNlLQDrEaV8UaUe_mjVOtAKDcza3Ctjw1g4D7RaMyT5tjFOBgUWowxPGFksK039S3RgB&template_id=5007&cbvp=2
Requested by: Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1B1C 42 B
265 B 60ms
59ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstjw9gEgJtk2xks5XRmOkocAIBKRDQT8pd1OHWXtmD_EO87pIGDa71fNQpzY8FuyML_qCbgLctTlr56hyT_FEv3VOGOb8lQLNad0haMJ_vcy9ZTPHSyJRyzOf4eJ6xFt8Ez_AL7nAQVtjUmoHxDAinfUdAmOZLDKVOdoRe1tou0LwDXS8wnOP_AZxgn6xtL6GVa0nD2i6apBabeFmykSnuEWDamPnUnA8yJNYs0QJgcoOyrMIdru768E3eBIZ7wTAb5cfoOkxrtnT8qbH4kpp5PfljLby6unoKmJClRu_1D0ywGmYC2hZQsMVY-xuQxglz5RXwPGSf1XAZhzPgYtH-W5gGJZkTcANib1RiSXIHv3kYYNleSy8VWdcAHdlXDhGkZsUrVoGkkbsL3pEthq8qkWjNLjnhrUs9EBX5aN_eJsiqLYR1wBMY6MWwC9tAksYwqZRpQbEq9eIb8TYY_-JyXp8JOy8ZHZt47rI7tSdycYJGDXfJdBESNh6_M7fB_9cmSCIEIcdUYs4ARHGZ3UN_VlpdIuBRGjrJbqEABn6PPMDbSzPe6ZJfAHvvp47YGSWXF-UGRtHixyHY7x9QsPFOpecz0csV_y8Ldv6rS0O_TdqTY2jJxQ-Czzks6MyKApYIdUO6SDls1kNyvVtPhgeX99Fr2LUvz5tYP86wCnvlqgRODNQGAGxilszvIXg-POfE4po7JIQb6bSLVlLGu19zDMpComvT5ke51a-WpI241nChxRFGTRoZdXJ7slgvKnVp3-JjdbKza2Nx9gNQutobVs1UczBbLwZymHBQ1jQW83jaUJdy3R3uqVZtuZDvoxnK7bWBy7yENJek6QR9O7eAv24S98B8SyYzHq-Pqg34SHFaMSNNGPxkd3W7NXVLETHCcki1pZOWm025Ue28J4j7t8pNFRObFJOPeToE_DgM4iCI-os-Z8DFi79vrnA99qY3psZSN0S9Ku4S6FpwSz4w60_7FNB6pOiQRDkBcHsCilHd24JnPnwnweoSloGq3g53WZ0X2fdfBwzPaJiDWB73r8HHfLYOMHWhwvXLqv6BwOCvFlG-9pI2g6c8Pss0RWsAutfCbqivw339_C4ZNdSkWGTKouFUiUuvdqNMqJIQp37F-iNbn13ML3SzEq10tC6wk7fYro3baJPnsbfkqA3UNoJR2y4Il4gPGo7seATiR7FKagFaGDv5LbIGHvcWea-wRIM1Pdw&sai=AMfl-YRezEXU7xPScdEmAbg8kKZrJERGqfm4mw7VfNKIGL9bmnWYw1BhubxRtPcdA_eeVFqB_FQUSU9MIajNmb7jodZZ5YqWy5lcravat8V7yS2ldyUulufmmrzYkgoUQu1HU-I0us-iP5NZ-oeGm9-9PwuMoZll2AkMyg&sig=Cg0ArKJSzDgrShPkTnNqEAE&cid=CAQSSwDICaaN6VH4rFuOeO6_CDbvdDwiDJi-hnlHwVJjoMhiwM_4pbZ7HeRPrusKshxbpq2OTDS5soU9sqa7zOemb-eBsGrcbzCviRW-ohgB&id=ampim&o=437,0&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=276&tls=1276&g=100&h=100&tt=1277&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F49E 42 B
64 B 63ms
61ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3JhEt-nxefLZC_JB4-1fkols0Bj81xzPeuRxn-TX-JFA69rdFhM__mGu8pd_3fu8VGH-_c50N3tgEL7aaSKfoAl5xiZd6PDpXgrmEPGWjhZTt4m4aX55m9md1uYyDMA_QVarhYc7pjBo1&sai=AMfl-YSG-yYewltbTyQEXRBOXqyvdb_EluGSnin17Tx0XPkER8CXfYnF91kSucghD3cIMDDzjo3rMNAzpuLZReQR8ObfdS1DtaSuUuKx5dwrzhPRURxh1XrPsX5HzjqH2Cw2X65Sd9Xwaop5GeZzzg&sig=Cg0ArKJSzH5wLMU7NgrKEAE&cid=CAQSTADICaaNs75lZP881gg9X0PVyqKyiDyS9G7QUAnpRHYCUen6r84ZgF7hM-19TQPcClbDkfyXh_kqNhXHwTGfaxi5UYZMd4DfKnm4rOkYAQ&id=ampim&o=350,516&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=216&tls=1216&g=100&h=100&tt=1216&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D72C 42 B
64 B 63ms
62ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsm5mSX-XEcodfJ39UoU-zDiZk94tQCHWx2OgAXmNijxaVfXhDM_18C6_3dbiskZqD4G4LJJq0xK6gyv4Kf9K8NgEM8islmarGmXr4FU07MkN25Ka883HHCt8Ve_sz_fMCaC6Wv7jpJQo8Z7UyvAiCFIaTm7lJ5sgxnPDYTF1v&sai=AMfl-YRa75_3KhU_6mQj8lVKwd-p9opunWKLlCzgDPEXGNa3c-0FzrqAGzyZNPfNZh69ws51WLWJBSzTT1ZV8E1J1sFqPXPP2YqQXBoBA8BPu27pmzxNCN52wYzxV6rvZFU7yKYK4wSvL8GZkKAK&sig=Cg0ArKJSzH2UUIgnA2geEAE&cid=CAQSSwDICaaN3jNCiXE5eVfFsB2L72VTZjoixmgKjNlLQDrEaV8UaUe_mjVOtAKDcza3Ctjw1g4D7RaMyT5tjFOBgUWowxPGFksK039S3RgB&id=ampim&o=910,838&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=168&tls=1168&g=100&h=100&tt=1168&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: www.wheresgeorge.com
URL: https://www.wheresgeorge.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.wheresgeorge.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 79ms
78ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310180101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0467bdbab36f2bd00273a2d579ed0649a963b74a70f0e4fc63beb06a564e12df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12255
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310180101/pubads_impl.js?cb=31078969

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 20 Oct 2023 21:25:11 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AFB6 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15527
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 17:06:24 GMT
expires: Sat, 19 Oct 2024 17:06:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7E2A 829 B
996 B 32ms
32ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

28b116677a4e2b6b791f04845385cafa0cac3f6945783f38af22544fcc0530eb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K3bZc4_82ukQ13QsSuuLcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-K3bZc4_82ukQ13QsSuuLcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 21:25:11 GMT
expires: Fri, 20 Oct 2023 21:25:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js Show response
pagead2.googlesyndication.com/bg/ Frame AFB6 37 KB
14 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4QJGLNlKfnVz3XQjPF9W03cPcyZJorHT7_BXddCCsBM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 11:21:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14648
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 19 Oct 2024 11:21:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7E2A 0
0 57ms
56ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310180101&jk=1409675492831945&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame AFB6 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?J01PgA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:11 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 117ms
43ms Preflight
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.wheresgeorge.com%2F&domain=www.wheresgeorge.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.wheresgeorge.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Fri, 20 Oct 2023 21:25:11 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 247934
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 envelope Show response
lexicon.33across.com/v1/ 49 B
101 B 122ms
121ms XHR
application/json 2600:1901:0:8344::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://lexicon.33across.com/v1/envelope?pid=0010b00002QMH4LAAX&gdpr=0&src=pbjs&ver=7.51.0
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:8344:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 20 Oct 2023 21:25:11 GMT
via: 1.1 google
vary: origin
content-type: application/json
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: private, must-revalidate, max-age=28800
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49

GET
H2 200 json Show response
gum.criteo.com/sid/ 2 B
378 B 42ms
39ms XHR
application/json 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.wheresgeorge.com%2F&domain=www.wheresgeorge.com&cw=1&pbt=1&lsw=1

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:11 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wheresgeorge.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 202380
expires: 0

GET f
fid.agkn.com/ 0
0

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 135 B
420 B 33ms
30ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

f509537a941a4046b1f076ab2441d1ea6bf21b3d2a0122faea116e1d609fbfaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Fri, 20 Oct 2023 21:25:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 81A7 281 B
554 B 119ms
28ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Oct 2023 21:25:11 GMT
ETag: "4014f-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 204 isyn
prebid.a-mo.net/ Frame 4F36 0
0 37ms
36ms Document
text/plain 145.40.97.66
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0, private, must-revalidate
date: Fri, 20 Oct 2023 21:25:11 GMT
server: envoy
vary: Accept-Encoding
x-envoy-upstream-service-time: 0

GET
H2 204 /
onetag-sys.com/usync/ Frame 615E 0
0 31ms
31ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1697837108435

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 pd Show response
didna-d.openx.net/w/1.0/ Frame 65D4 0
80 B 81ms
35ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://didna-d.openx.net/w/1.0/pd
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Fri, 20 Oct 2023 21:25:11 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame 52D3 3 KB
2 KB 42ms
40ms Document
text/html 104.18.24.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 426
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 819454fd4ac11c73-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 20 Oct 2023 21:25:11 GMT
expires: Sat, 21 Oct 2023 01:25:11 GMT
last-modified: Mon, 25 Jul 2022 19:18:19 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame BBC5 15 KB
6 KB 112ms
29ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=45157
content-encoding: gzip
content-length: 5606
content-type: text/html
date: Fri, 20 Oct 2023 21:25:11 GMT
expires: Sat, 21 Oct 2023 09:57:48 GMT
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 90A5 52 KB
17 KB 136ms
30ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Fri, 20 Oct 2023 21:25:11 GMT
ETag: "623de86a-cf34"
Expires: Sat, 21 Oct 2023 21:25:13 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H/1.1 200
OK sync.html Show response
s.console.adtarget.com.tr/ Frame A037 2 KB
1 KB 143ms
26ms Document
text/html 2a01:4f8:262:3e00::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by: Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a01:4f8:262:3e00::2 Falkenstein, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Adtelligent /
Resource Hash: e5bb0c2a6838edeeb384298fd09c349c1bf6e9f6344665c73c43dd8f23ee8018

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 884
Content-Type: text/html; charset=UTF-8
Date: Fri, 20 Oct 2023 21:25:11 GMT
Server: Adtelligent
X-Robots-Tag: noindex

GET
H2 200 9.gif
id5-sync.com/s/441/ 43 B
921 B 90ms
28ms Image
image/gif 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/441/9.gif?puid=&gdpr=1&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Fri, 20 Oct 2023 21:25:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
280 B 87ms
26ms XHR
application/json 162.19.138.117
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533568.ip-162-19-138.eu

Software

Resource Hash

05eefc92f1847ad4d18c94c7286884a8cd781fbfb82f13ca3cc19fa2b75a60e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Fri, 20 Oct 2023 21:25:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 66ms
66ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310180101&jk=1409675492831945&bg=!m5ilmNfNAAbFpEfJ5aQ7ADQBe5WfOMnQTQ1gU-yCxUlxRIGIjR4ucLd8sezicBgFhyGgPoBWNihSzM51X0X9kn498Y-JAgAAAD5SAAAAB2gBB5kDD1HtL8ud5QOd2Le3uOkLO4z1LiRbbCqiK5GctqtOFZFuIrMcC-Le3qMFA3qJboY8izbLll4amcnxwDRA1LWo3zz-kAXXm6SEsayLEjrGu5wjYDI8gDWlI6B0iBm8Ej9CB1pWQ7PTl2IPm9ECGGWy_xsIXKdJO_-p5btWASrlgWBeoCze9rP-IwWHpTlFEJcF7QiLds-khgmMIEVCmzzbSlvpuTsU1yCcF2q9Pj-cMoQ_9sy8e6lBNXFBjovTxw3vT_Ydfv6XQ6ipM5meaoCqYQ_0KwlBTIFVfhl18lNJNIaQYLWPfRSqMRrdR3PbMlk75_lkqCWJRxu39baJMGmmLF4IyrgbRgaMnScWAWXVT1zLxjt1nHgih8zOQfguAxDFqTQIopjtUwFusWM6VDCwFupQcwE6cooikE8H2EldWF_isui4G9MhZEDgZeMatS6NIzDQubLXaux5QfnxBnqoD3XUv7U8cRcdoelpkdx2-w7sbMt4MEZijzK_Gw6WcBuojOk_NYwxzB_uvKLrTmlkOdUNtG88ViojVRl8EQgZ7lQBLU3QvkbNnGlBMqILwWPuAG1G3YmgzSBMh1YLaqS3k5YIICT5A8mmlRSSCRQK6lmOXVqOgaXIOsHklsbMnkeuBXGe4PmLqWzrIRhcR0Am07Cqato6Eg9P8ucsG6T2_hskiygn3cW4lG8sFpxpcN7mRh3phmSYS6Tz3puWuh8ZFAK6HYonUgMAX4MOOH-VUvw67VHOS1sEXKRR5-FrJyO9uZKio2EUGeZficUTJ3fIE22uxqdrA15T4WvFEvGgHsLSDhfVSPwyycoYcs9xj69JvZPt3Ibwlgci8kVDDjZ_a6vtr0tmyrL1v0qhZt0tFMxmHLwfwu9toUBPkDGRw_29Tm304wXQ1m6zSAfbkyhnKb81sejXLBk6NBQmsMqDi135NAJPoYCgffOfOITzQxVeDOx7ZU4t95ZLq8va6udfFDNnmCd7ew_erDeHvZY6KEZH0r0srDwxJ-SWzX2RSiXSgy-8lcqlyqZ73rnOuVAZdw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 633C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

41ms
41ms

Document
text/html

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28c6fb69c3c102b5f61922763649715e119e12e84674f60024b136dd3b70de46

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 819454fe1e953808-FRA
content-encoding: br
content-type: text/html
date: Fri, 20 Oct 2023 21:25:12 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UT3ImhpFnHjYCGeNI%2FowhJkHI%2FgrSe%2FVqkL5a8RhonuwsvMgsbluYUUFL5sIMm3OC3XjjgvzIcTcItRnNoMv5kkHdb2uWlb7KpvdpX%2B5%2BYeQ709oEXIswh1Ah%2BOrmbbweiz6k9SRd1uCRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 819454fdc97ebbe9-FRA
content-length: 0
date: Fri, 20 Oct 2023 21:25:11 GMT
expires: 0
location: /usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZDsy6NE1QYEn6Wk7F41M%2FdPD8B26KqYHJeowtBvLDCIpYQxfTpEWsbJkDFn7NUrqT9D2dWARdAB7t6vUkEdnH19MEJ6luaYwTxeX1iD5%2FbThZq1nzezNtbsFk82W3yaNZiygQFcvMbKLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H2 200 725.json Show response
id5-sync.com/g/v2/ 276 B
561 B 27ms
27ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/725.json

Requested by

Host: www.wheresgeorge.com
URL: blob:https://www.wheresgeorge.com/b8a277de-bcc8-481c-a1ae-3b7562355ea8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

2d24e196fdfccbc262afee2ff0480b0b2e6aeab0bf507dfc24036cc444850986

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.wheresgeorge.com
date: Fri, 20 Oct 2023 21:25:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 81A7 41 KB
11 KB 31ms
30ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 6a3f79e15d73b4d7196444acd307f5cf2776085feb4e0244734e6b8eaef21dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 21:25:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 20 Oct 2023 12:49:57 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=55485
Connection: keep-alive
Content-Length: 11097
Expires: Sat, 21 Oct 2023 12:49:57 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BBC5 2 KB
2 KB 408ms
39ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26618146&p=159745&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e1d45013a596b941b13583b0447fac12bfa411ebdd3ee76980a746f7dc74e498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 20 Oct 2023 21:25:12 GMT
content-length: 1710
content-type: text/html; charset=UTF-8

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 90A5 0
596 B 36ms
35ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
an-x-request-uuid: 7aa6af44-eab7-43fc-b1e3-511d3cdbf6a8
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.28; 217.114.218.28; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync Show response
sync.console.adtarget.com.tr/ Frame B866
Redirect Chain

https://creativecdn.com/cm-notify?pi=admatic
https://creativecdn.com/cm-notify?pi=admatic&tc=1
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=y020afC2XQcJeXtEBtGp&pi=admatic&tc=1

43 B
473 B

164ms
112ms

Document
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=y020afC2XQcJeXtEBtGp&pi=admatic&tc=1
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Content-Length: 43
Content-Type: image/gif
Date: Fri, 20 Oct 2023 21:25:12 GMT
Etag: 58c3bc92ecffe7d8
Server: Adtelligent

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Fri, 20 Oct 2023 21:25:12 GMT Fri, 20 Oct 2023 21:25:12 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=y020afC2XQcJeXtEBtGp&pi=admatic&tc=1
pragma: no-cache

GET
H2 200 cookie Show response
cm.adform.net/ Frame 1202 43 B
106 B 124ms
33ms Document
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D749789%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://s.console.adtarget.com.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 43
content-type: image/gif
date: Fri, 20 Oct 2023 21:25:12 GMT
server: nginx

GET
H/1.1

200
OK

csync
sync.adtelligent.com/ Frame A037
Redirect Chain

https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=58c3bc92ecffe7d8

43 B
453 B

236ms
111ms

Image
image/gif

185.83.71.234
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=58c3bc92ecffe7d8
Requested by: Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol: HTTP/1.1
Server: 185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s.console.adtarget.com.tr/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 21:25:12 GMT
Server: Adtelligent
Etag: 58c3bc92ecffe7d8
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sync.adtelligent.com/csync?t=a&ep=318342&extuid=58c3bc92ecffe7d8
Date: Fri, 20 Oct 2023 21:25:12 GMT
Server: Adtelligent
Etag: 58c3bc92ecffe7d8
Content-Length: 0

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 81A7 7 B
380 B 176ms
25ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 633C
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZTLwNzIZate0bMA7w1tbtAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPpKyLlMWbCQvvMD6LOJUvc&google_cver=1

43 B
729 B

43ms
43ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPpKyLlMWbCQvvMD6LOJUvc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4bk8hvHmlK40uoimh8HJhmnnlNysytoVKfn4rGZNPytEVrCaUwZy2LBWXgMfNEbsBMiz74SpmcDfphA%2B05m64dTMla2KRPoN2D85zxGozQjElzTwt0tao5%2BnqXg61HZ%2BiOg361oxZDgBg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 819454ff281f3808-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPpKyLlMWbCQvvMD6LOJUvc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 633C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZTLwNzIZate0bMA7w1tbtAAAFK4AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKYNSkBnOVrLxwX1s-6iJD4&google_cver=1

43 B
730 B

51ms
51ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKYNSkBnOVrLxwX1s-6iJD4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGmWeDhuT1LjctprBRx4bg8Lb6c1MF44uLjVbE5%2FaGhmT2v1NS%2Bad4j40vpCEM3I9jvAgVGXMW196VvroS6VbxcGMFQIch859YRjR%2BbsMaAJt5U34APM7ACvOLKmLoqrvDDx1vYEDCqmvg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 819454ff28293808-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKYNSkBnOVrLxwX1s-6iJD4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 633C 70 B
148 B 52ms
49ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:12 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 633C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTLwNzIZate0bMA7w1tbtAAAFK4AAAIB&gpp=&gpp_sid=
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTLwNzIZate0bMA7w1tbtAAAFK4AAAIB&gpp=&gpp_sid=&dcc=t

43 B
855 B

158ms
158ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTLwNzIZate0bMA7w1tbtAAAFK4AAAIB&gpp=&gpp_sid=&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 21:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WVTFB5P8PVPXHBH52B5A
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 20 Oct 2023 21:25:12 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AK1NX10190R26JQZA50A
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZTLwNzIZate0bMA7w1tbtAAAFK4AAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 633C
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=0j8bPII6GzbJOBpo12gFN9QyHW3JOR0_gDrDvuKp

43 B
733 B

68ms
67ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=0j8bPII6GzbJOBpo12gFN9QyHW3JOR0_gDrDvuKp
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJKaTP47Lziqlo5ZqOOQBI22Xv7ryI0tPGP%2FqkoWe3NxAZF1jdLPb2UZEzDnWF%2BpdrLD28DWbrdinWQDvxJBb4QRLxyCY9VYwqi6NFqv3VO%2Fx%2BHtuSieS3LC7LL9SKbdHwxjft00Lrm7Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 819454ff1fe73808-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=0j8bPII6GzbJOBpo12gFN9QyHW3JOR0_gDrDvuKp
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 ZTLwNzIZate0bMA7w1tbtAAAFK4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 633C 43 B
603 B 164ms
52ms Image
image/gif 2a05:d018:d29:3602:d271:299f:5c6e:4925
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/ZTLwNzIZate0bMA7w1tbtAAAFK4AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:d271:299f:5c6e:4925 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 633C
Redirect Chain

https://ad.turn.com/r/cs?pid=21
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2433439836446551911

43 B
736 B

96ms
96ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2433439836446551911
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7naiEvJnSGQ03O5GdPeQrQf8GMyfPOqTasGGlte%2Be1qZOnf1K%2Bxm01TIr%2FEb1U%2B%2FG9yaVMwa6xRTEzIIWaeCv%2ByuJ%2Fc6aebjX95umZvLgEBcuCnt4Ujw4HJbIH8g0GBgFegDnD9C4ndWzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 819454ff1fed3808-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2433439836446551911
pragma: no-cache
date: Fri, 20 Oct 2023 21:25:11 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 633C
Redirect Chain

https://cm.ctnsnet.com/int/cm?exc=19
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=3bea900137554605ae23a702b7303360&expiration=1700429112

43 B
736 B

48ms
48ms

Image
image/gif

104.18.27.193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=3bea900137554605ae23a702b7303360&expiration=1700429112
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbMrke2ol%2F9HoMT2eCEhERw5PcX%2BIS%2FsxVP62j9mXakTUsImsQM9L8hE5ndJtHQj26SQl6%2Bj7GMd2KMW9vXrQ0GeIImhBH%2FNlpebHD%2FtchMLObawK62qp6gub%2FlkfjSZ5Mjgj2hUHgWcMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 819454ff1ffa3808-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=3bea900137554605ae23a702b7303360&expiration=1700429112
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 633C 43 B
230 B 44ms
32ms Image
image/gif 104.18.24.18
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?ZTLwNzIZate0bMA7w1tbtAAA%265294
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:12 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 75931
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 819454fe8bff1c73-FRA
content-length: 43
expires: Sat, 21 Oct 2023 21:25:12 GMT

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6D3D
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

116ms
45ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 Oct 2023 21:25:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Fri, 20 Oct 2023 21:25:12 GMT
expires: Fri, 20 Oct 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 900272
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BBC5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=8veqQkW2TVy_pQnxnkEZPQ%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

94ms
94ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:12 GMT
content-encoding: gzip
last-modified: Fri, 01 Sep 2023 11:18:33 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=45156
accept-ranges: bytes
content-length: 5606
expires: Sat, 21 Oct 2023 09:57:48 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame BBC5 49 B
264 B 62ms
47ms Image
image/gif 52.48.164.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.164.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-164-189.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.31.65
content-length: 49
expires: 0

GET
H2

204

ids
idsync.frontend.weborama.fr/ Frame BBC5
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=44866371
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D

0
284 B

104ms
40ms

Image
text/plain

34.111.131.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: H2
Server: 34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.131.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
via: 1.1 google
last-modified: Fri, 20 Oct 2023 21:25:12 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D
date: Fri, 20 Oct 2023 21:25:10 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1

200

p
a.audrte.com/ Frame BBC5
Redirect Chain

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=aGE0b2dxTlRzMFJUaXU0bEN5Vk9PbjctZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/a?adform_uid=592016935187172050&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
https://a.audrte.com/p

68 B
424 B

51ms
51ms

Image
image/png

52.214.195.193
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.audrte.com/p
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: HTTP/1.1
Server: 52.214.195.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-195-193.eu-west-1.compute.amazonaws.com
Software: nginx/1.22.1 /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Fri, 20 Oct 2023 21:25:12 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 68

Redirect headers

Date: Fri, 20 Oct 2023 21:25:12 GMT
Server: nginx/1.22.1
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Origin: *
Location: https://a.audrte.com:443/p
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BBC5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjJGN0FBNDItNDVCNi00RDVDLUJGQTUtMDlGMTlFNDExOTNE&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
245 B

141ms
43ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 20 Oct 2023 21:25:12 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame BBC5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAU85OAVc9ySdFq6_pTxKbU&google_cver=1

42 B
346 B

147ms
43ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAU85OAVc9ySdFq6_pTxKbU&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 20 Oct 2023 21:25:12 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAU85OAVc9ySdFq6_pTxKbU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame BBC5 43 B
610 B 109ms
33ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:12 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 19 Oct 2023 21:25:12 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame BBC5
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=592016935187172050

42 B
469 B

136ms
44ms

Image
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=592016935187172050
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: H2
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Fri, 20 Oct 2023 21:25:12 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=592016935187172050
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame BBC5 70 B
148 B 51ms
50ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:12 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame 90A5 0
596 B 35ms
35ms Script
text/html 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:13 GMT
an-x-request-uuid: 3f0b18fa-8efe-403a-a4e8-a0bf097371d3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.28; 217.114.218.28; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame BBC5 0
260 B 168ms
50ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=159745&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:12 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame BBC5 2 KB
2 KB 45ms
45ms Script
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11700068&p=159745&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: c4defc1e37c218092366fd49ef3e591efddac901fed4d180bdd3ab69da30a70a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Fri, 20 Oct 2023 21:25:14 GMT
content-length: 1548
content-type: text/html; charset=UTF-8

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame 014A 35 B
598 B 36ms
35ms Document
image/gif 37.157.6.233
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.233 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Fri, 20 Oct 2023 21:25:15 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame FE48 43 B
855 B 300ms
128ms Document
image/gif 52.94.223.167

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.223.167 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 20 Oct 2023 21:25:15 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 5ZM594TT0K7FZYVXH710

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 8CD9
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=h50etteYHrycmh_igsoAvYGQGOecmxi11ZhuB3iY

42 B
410 B

48ms
48ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=h50etteYHrycmh_igsoAvYGQGOecmxi11ZhuB3iY
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 Oct 2023 21:25:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
date: Fri, 20 Oct 2023 21:25:15 GMT
expires: Fri, 04 Aug 1978 12:00:00 GMT
location: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=h50etteYHrycmh_igsoAvYGQGOecmxi11ZhuB3iY
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
strict-transport-security: max-age=86400

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D8F0
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7391414238986357840&gdpr=0&gdpr_consent=

42 B
298 B

48ms
48ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7391414238986357840&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 Oct 2023 21:25:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
access-control-allow-origin: *
an-x-request-uuid: dda9ac1f-d0ca-4e5f-9ccc-21f8c5c363b3
cache-control: no-store, no-cache, private
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 20 Oct 2023 21:25:15 GMT
expires: Sat, 15 Nov 2008 16:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7391414238986357840&gdpr=0&gdpr_consent=
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma: no-cache
server: nginx/1.21.3
x-proxy-origin: 217.114.218.28; 217.114.218.28; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection: 0

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 25B2
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7292154882865952908&gdpr=0&gdpr_consent=

42 B
298 B

47ms
47ms

Document
image/gif

185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7292154882865952908&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159745
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Fri, 20 Oct 2023 21:25:15 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Date: Fri, 20 Oct 2023 21:25:15 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7292154882865952908&gdpr=0&gdpr_consent=
Server: nginx
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 mw
mwzeom.zeotap.com/ Frame BBC5 95 B
439 B 123ms
50ms Image
image/png 2606:4700:10::6816:1857

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1857 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:15 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 819455127cdc5b74-FRA
access-control-allow-headers: *
content-length: 95

GET
H/1.1

200
OK

info2
uipglob.semasio.net/pubmatic/1/ Frame BBC5
Redirect Chain

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&sInitiator=external&gdpr=0&gdpr_consent=
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&sInitiator=external&gdpr=0&gdpr_consent=

42 B
603 B

45ms
45ms

Image
image/gif

77.243.51.122

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&sInitiator=external&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Server: 77.243.51.122 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:20 GMT
frontend-id: 2
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type: image/gif
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 20 Oct 2023 21:25:20 GMT
frontend-id: 2
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: /pubmatic/1/info2?sType=sync&sExtCookieId=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame BBC5
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&gdpr=0&gdpr_consent=
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9a473acb1d9c7e4dc132edf8dda3f795&gdpr=0
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
148 B

49ms
48ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:15 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2 200 F2F7AA42-45B6-4D5C-BFA5-09F19E41193D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BBC5 43 B
602 B 54ms
51ms Image
image/gif 2a05:d018:d29:3602:d271:299f:5c6e:4925
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/F2F7AA42-45B6-4D5C-BFA5-09F19E41193D?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:d271:299f:5c6e:4925 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58292/ Frame BBC5 0
38 B 32ms
29ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&redir=true&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 21:25:15 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: as-sec.casalemedia.com
URL: https://as-sec.casalemedia.com/headerstats?s=360066&u=https%3A%2F%2Fwww.wheresgeorge.com%2F&v=3

Domain: fid.agkn.com
URL: https://fid.agkn.com/f?apiKey=2086764725&r=https%3A%2F%2Fwww.wheresgeorge.com%2F

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=26

Verdicts & Comments Add Verdict or Comment

214 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.wheresgeorge.com/	1970-01-21 00:22:53	Name: mid Value: 301404245
.wheresgeorge.com/	1970-01-21 01:13:17	Name: _ga Value: GA1.2.1777577065.1697837108
.wheresgeorge.com/	1970-01-20 15:38:43	Name: _gid Value: GA1.2.287522402.1697837108
.wheresgeorge.com/	1970-01-20 15:37:17	Name: _gat Value: 1
www.wheresgeorge.com/	1970-01-21 00:22:53	Name: backgr Value: 3-med
.wheresgeorge.com/	1970-01-21 01:13:17	Name: _ga_S1BK99PKLE Value: GS1.2.1697837108.1.0.1697837108.0.0.0
www.wheresgeorge.com/	1970-01-20 16:20:29	Name: _pbjs_userid_consent_data Value: 3524755945110770
.wheresgeorge.com/	1970-01-20 16:17:36	Name: _pubcid Value: 2c0d706b-ce3b-4648-ba82-a0bf86569986
.wheresgeorge.com/	1970-01-20 15:37:17	Name: lotame_domain_check Value: wheresgeorge.com
.yahoo.com/	1970-01-21 00:23:14	Name: A3 Value: d=AQABBDTwMmUCEKN5YPGDU-a-ys55uvvIN5kFEgEBAQFBNGU8ZeANyiMA_eMAAA&S=AQAAAh67kxNaDh4l_X9eRMpnI1I
.gumgum.com/	1970-01-21 00:22:53	Name: cs Value: true
.wheresgeorge.com/	1970-01-21 00:22:53	Name: connectId Value: {"ttl":86400000,"lastUsed":1697837108514,"lastSynced":1697837108514}
.prebid.a-mo.net/	1970-01-21 00:22:53	Name: __amc Value: 2_1697837108_1697837108
.script.ac/	1970-01-20 15:37:18	Name: __cf_bm Value: Qlk9f0uv2sSJcflea3L1eOQxSj1xVtOLI_nkpDJPK6c-1697837108-0-AcCpQICXSMSWmwtzU6pQjeoy+3tLKJp50Onj7ax/sBWTQfpDEe+Bna0ErABduW+klpvnYJ0jrZxL497s6+/hQwo=
.criteo.com/	1970-01-21 00:58:53	Name: uid Value: 7a60496e-dc3f-43a1-b651-57205d9acf2c
.openx.net/	1970-01-21 00:22:53	Name: i Value: 5b533259-401e-452f-b0dc-e20225c55064\|1697837108
.adnxs.com/	1970-01-20 17:46:53	Name: icu Value: ChgInIc_EAoYASABKAEwtODLqQY4AUABSAEQtODLqQYYAA..
.adnxs.com/	1970-01-20 17:46:53	Name: uuid2 Value: 7391414238986357840
.rubiconproject.com/	1970-01-21 00:22:53	Name: khaos Value: LNZ4DLB7-24-9D58
.rubiconproject.com/	1970-01-21 00:22:53	Name: audit Value: 1\|hLZGFuTafB1qhU6rPOy2x7U1ZxogGjlwOA+xFj1I9sfQKCb/4IkTDuUgPINWxJ6Jm1TfJLKk5A7gS77H2AzvuDOAeVvN3U5AnNTglat5Vb/n+gQtPPcShSKPLRELhl3xG7JtXJVTTK0=
.wheresgeorge.com/	1970-01-21 00:58:53	Name: cto_bundle Value: k4eaaF90Mk9TNkJpV3NjJTJGMGl3aXAxTXJaQ1hmTXVicldrRyUyQmV0RzEwdDNHNGVrUndTeGtyeVBsQVlENFlHN1NNNnRFJTJCVU96MkVkS1ElMkJKU2N3ZlIwUG4zcXF0cGdlVDFDZ3VSU040Q1p2TVIyYVFYelVsU1NQaVV5WkFhVWxnQ0k1eURkUk9UTUJTZHNZOGREaFRDUFBhbHVob3htdHFoRHQydjNSNWZEbm9vQW1tQSUzRA
.wheresgeorge.com/	1970-01-21 00:58:53	Name: __gads Value: ID=3eac728c9375a76f:T=1697837108:RT=1697837108:S=ALNI_MbOoRC-tFQAE-GRHcHmq32Uf-T4eA
.wheresgeorge.com/	1970-01-21 00:58:53	Name: __gpi Value: UID=00000c9e8624e11f:T=1697837108:RT=1697837108:S=ALNI_MYZCIWjw6zYF3GjeBW8U49DiNRPow
.doubleclick.net/	1970-01-21 00:58:53	Name: IDE Value: AHWqTUni5QBjaQWeDL9GrOE4me4wzDHF6B-IZZGxdS-B2Us3AenEUnkyH__dvVG4sSY
.doubleclick.net/	1970-01-20 15:37:20	Name: DSID Value: NO_DATA
www.wheresgeorge.com/	1970-01-20 15:37:20	Name: _lr_retry_request Value: true
www.wheresgeorge.com/	1970-01-20 16:20:29	Name: _lr_env_src_ats Value: false
.casalemedia.com/	1970-01-21 00:22:53	Name: CMID Value: ZTLwNzIZate0bMA7w1tbtAAA
.casalemedia.com/	1970-01-20 17:46:53	Name: CMPS Value: 5294
.casalemedia.com/	1970-01-20 17:46:53	Name: CMPRO Value: 5294
.quantserve.com/	1970-01-20 17:46:53	Name: d Value: EEwBDQGdKrjvsQA
.quantserve.com/	1970-01-21 01:07:31	Name: mc Value: 6532f038-22f3b-9085c-351d0
.turn.com/	1970-01-20 19:56:29	Name: uid Value: 2433439836446551911
.ctnsnet.com/	1970-01-21 00:22:53	Name: cid_3bea900137554605ae23a702b7303360 Value: 1
.creativecdn.com/	1970-01-21 00:22:53	Name: u Value: y020afC2XQcJeXtEBtGp
.creativecdn.com/	1970-01-21 00:22:53	Name: ts Value: 1697837112
.console.adtarget.com.tr/	1970-01-20 17:06:33	Name: vmuid Value: 58c3bc92ecffe7d8
.console.adtarget.com.tr/	1970-01-20 17:06:33	Name: a307080 Value: y020afC2XQcJeXtEBtGp
.pubmatic.com/	1970-01-21 00:22:53	Name: KADUSERCOOKIE Value: F2F7AA42-45B6-4D5C-BFA5-09F19E41193D
.pubmatic.com/	1970-01-20 17:46:53	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 15:38:43	Name: pi Value: 159745:2
.pubmatic.com/	1970-01-20 17:46:53	Name: DPSync3 Value: 1698969600%3A235_201_245_241
.pubmatic.com/	1970-01-20 17:46:53	Name: SyncRTB3 Value: 1698969600%3A220_21_13_56_54%7C1699056000%3A35
.adform.net/	1970-01-20 16:21:55	Name: C Value: 1
.adform.net/	1970-01-20 17:03:41	Name: uid Value: 592016935187172050
.weborama.fr/	1970-01-21 01:03:12	Name: AFFICHE_W Value: OrAN2Q9kX9I653
.simpli.fi/	1970-01-21 00:24:19	Name: suid Value: 21F253FBB8B1407DB87077E4F1528F47
.adtelligent.com/	1970-01-20 17:06:33	Name: vmuid Value: 58c3bc92ecffe7d8
.adtelligent.com/	1970-01-20 17:06:33	Name: a318342 Value: 58c3bc92ecffe7d8
.pubmatic.com/	1970-01-20 17:46:53	Name: KRTBCOOKIE_80 Value: 22987-CAESEAU85OAVc9ySdFq6_pTxKbU&KRTB&23025-CAESEAU85OAVc9ySdFq6_pTxKbU&KRTB&23386-CAESEAU85OAVc9ySdFq6_pTxKbU
.pubmatic.com/	1970-01-20 16:20:29	Name: PugT Value: 1697837112
.audrte.com/	1970-01-20 15:58:53	Name: arcki2 Value: ha4ogqNTs0RTiu4lCyVOOn7-g!20220908!1697837112613!ip#217.114.218.28
.audrte.com/	1970-01-20 15:58:53	Name: arcki2_pubmatic Value: F2F7AA42-45B6-4D5C-BFA5-09F19E41193D!20220908!1697837112613
.pubmatic.com/	1970-01-20 16:20:29	Name: KRTBCOOKIE_391 Value: 22924-592016935187172050&KRTB&23263-592016935187172050&KRTB&23481-592016935187172050
.audrte.com/	1970-01-20 15:58:53	Name: arcki2_ddp2 Value: ha4ogqNTs0RTiu4lCyVOOn7-g!20220908!1697837112708
.amazon-adsystem.com/	1970-01-20 21:44:29	Name: ad-id Value: A2KKsefy8UW8gE0XfaIdYm0
.amazon-adsystem.com/	1970-01-21 01:13:17	Name: ad-privacy Value: 0
.audrte.com/	1970-01-20 15:58:53	Name: arcki2_adform Value: 592016935187172050!20220908!1697837112803
.pubmatic.com/	1970-01-20 16:20:29	Name: SPugT Value: 1697837112

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()
javascript	error	URL: https://www.wheresgeorge.com/ Message: Access to XMLHttpRequest at 'https://as-sec.casalemedia.com/headerstats?s=360066&u=https%3A%2F%2Fwww.wheresgeorge.com%2F&v=3' from origin 'https://www.wheresgeorge.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://as-sec.casalemedia.com/headerstats?s=360066&u=https%3A%2F%2Fwww.wheresgeorge.com%2F&v=3 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.wheresgeorge.com/ Message: Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=26' from origin 'https://www.wheresgeorge.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=26 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://www.wheresgeorge.com/ Message: Access to XMLHttpRequest at 'https://fid.agkn.com/f?apiKey=2086764725&r=https%3A%2F%2Fwww.wheresgeorge.com%2F' from origin 'https://www.wheresgeorge.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network	error	URL: https://fid.agkn.com/f?apiKey=2086764725&r=https%3A%2F%2Fwww.wheresgeorge.com%2F Message: Failed to load resource: net::ERR_FAILED
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=F2F7AA42-45B6-4D5C-BFA5-09F19E41193D&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

78d126189053d3b053cee713f6b0f6e8.safeframe.googlesyndication.com
a.audrte.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.pubmatic.com
api.rlcdn.com
as-sec.casalemedia.com
bcp.crwdcntrl.net
c1.adform.net
c2shb.ssp.yahoo.com
cadmus.script.ac
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
client.crawlerlogs.com
cm.adform.net
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
connectid.analytics.yahoo.com
cr.frontend.weborama.fr
creativecdn.com
didna-d.openx.net
didna.b-cdn.net
dis.criteo.com
dmp.adform.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb.minutemedia-prebid.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.clean.gg
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
invstatic101.creativecdn.com
js-sec.indexww.com
lb.eu-1-id5-sync.com
lexicon.33across.com
loada.exelator.com
match.adsrvr.org
mug.criteo.com
mwzeom.zeotap.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pixel.onaudience.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
region1.google-analytics.com
rtb.openx.net
s.amazon-adsystem.com
s.console.adtarget.com.tr
script.4dex.io
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
storage.googleapis.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.crwdcntrl.net
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.wheresgeorge.com
api.rlcdn.com
as-sec.casalemedia.com
fid.agkn.com
104.18.24.18
104.18.27.193
141.95.33.111
142.250.185.66
145.40.97.66
162.19.138.117
172.64.152.89
178.250.1.9
18.155.129.34
18.156.195.47
18.198.126.47
18.203.132.178
185.184.8.90
185.64.189.112
185.64.191.210
185.83.71.234
185.89.211.116
198.47.127.19
198.47.127.20
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
23.35.236.188
23.35.236.201
2400:52e0:1a01::953:1
2600:1901:0:8344::
2600:9000:223c:1000:10:dd8:5e40:93a1
2600:9000:2250:2600:a:e047:753:6381
2602:803:c004:200::140
2606:4700:10::6816:1857
2606:4700:10::6816:3456
2606:4700:20::681a:635
2606:4700:20::ac43:4757
2606:4700:20::ac43:4bf1
2606:4700::6810:5614
2606:4700::6812:1691
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:81c::2008
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2004
2a00:1450:4001:831::201b
2a01:4f8:262:3e00::2
2a02:2638:3::3
2a02:2638:3::c
2a05:d018:d29:3602:d271:299f:5c6e:4925
2a06:98c1:3120::3
2a0c:5c87:5239::2
2a0c:5c87:5241::2
3.71.149.231
34.102.146.192
34.111.129.221
34.111.131.239
34.120.107.143
34.120.133.55
34.95.69.49
34.96.70.87
35.186.193.173
35.190.39.111
35.204.74.118
35.227.252.103
35.244.159.8
35.71.131.137
37.157.6.233
51.222.80.231
51.89.9.252
52.214.195.193
52.46.151.131
52.48.164.189
52.48.84.121
52.94.223.167
69.173.144.165
77.243.51.122
85.114.159.118
95.101.149.233
01a3107cd1c0a3ab71db2cb04b159bf23337fb18a8c4356532a2b4ac8f733730
0467bdbab36f2bd00273a2d579ed0649a963b74a70f0e4fc63beb06a564e12df
05eefc92f1847ad4d18c94c7286884a8cd781fbfb82f13ca3cc19fa2b75a60e6
06c8432058aae2047bf8e033cf675c25cbc7f476af9d719b0ff19962237b523f
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0b8b2da42e63cfbe1929809bf08001dbc90fb04da686e8f1895c96c2e3476586
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0bd2a2b65fa258c88704613fbaa9261c2ace4b5d8fdaec5e6790efa4554e13ff
0f663376979958104f33f3b90d7d1a8f72a8a9ff46f5b70d33959bbbc233f123
0f6cb26fa8d4dd77e78a2aca561999305724b6d0744feaffb732515088816ecc
1413c5f97fe55d83fd0d2f436ad5185e70b9830bad9140b0b2d8fd92c1857b89
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
191ad33371b27fc1982dd92307fc8961c2f6d8367cbad961ddb47db9e6ebc170
1a9dc4362151404a06e3587d42469c831510b1f024b3a81fa0aaa9ad6d760805
1c008b3684df8cf75f020bd759aa1f63d80456b77daf1076745be29ecdb9303a
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
21c097c0cf39691b5e7ad7bf8196510c9a7e4487d8e48561fca72eb33de4887a
222cbd44beda0de2293c5eb373dcbe8ef2a81dd8c67b364224bc3ef2061d3354
237ae56f93356cf81e852cab9bc4a59ffbee897a53dfeff74ea75708312c59fb
239b2c74a6eac8c28328adaf4acc2ed0b9e604117776217814e77b88c44187fe
269360293d5e52396e56883e8e54ad4baa6921395b5dbe127a2447a77e762742
27c167a66fe7195d6169a97715a3becf7e3d5892a12b2825f77959d1c21bfaa9
28b116677a4e2b6b791f04845385cafa0cac3f6945783f38af22544fcc0530eb
28c6fb69c3c102b5f61922763649715e119e12e84674f60024b136dd3b70de46
296be36e260dedaaf7a6cadd800abc5bdfaf2873f8dfcef7f350862aae28c311
29c7dc1333487ffb5ff8332547585101be64e8323c334b6542092bf21e4f1fa0
2a25066487a693b78aabc22992b80470d463b9cc1376fc1fc25111afd2c1b9d9
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ae9dcd6b621e25b29ecbe420b68c729c19f6b38901dc07924392de8e2e9555c
2b6bdedf30dce0674375bdde60d211a32d50fd18df2402730def2b8f2de7988d
2d24e196fdfccbc262afee2ff0480b0b2e6aeab0bf507dfc24036cc444850986
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f97d377118fc8687b96087655b08277bb852fe448884969ec9c6dd1b1000cf1
3042ad48ca06efa581001902610542545985cd9f256101a49f8d47ecec3d2375
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f554402586b6d6141a35ff7838ecb350f34b95632f489dd26230c748293a24f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ffc37a77edadf7d242a56d3076dc91fa9d746693ba8d96f22c4ed46b4edb00
4348ec7634589b7bc5e561d0bdd682c3cc1db41d2172cbd9ed91cda6bf6e5364
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4487ec45e0058fe459dbd0ac729b1ca0c2a3a035595b80d36ab8991fd8b144ba
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48b1dfc59e63a17c1135cef11ab2ef32ea19715a9aaed620561b76a061ce3e5b
48c0c0652213b10729997c6c43dcbce4f18f36d011c0ed2dbfd4006808e80569
51e41a8798f1b5e201a822bc15c8c817d993767fc5ae88a7cf36697998c15873
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5505bd4addf007be39b37c455d8c8e661e1bc1fb7937b8bcc72b66cba3bbd46f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56461ffccda775adce78f8b68d8ad28e5abddd893b7612ebd16344ccc6d66c95
5948c940e4cd9dad9b958313b8ab760bfb85c7a3dad4332c6fb5f9ebb6ce695b
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5ac7d0587d7bc78da350e83b647bda5cf517525d42f56f420f99e3f8ae42d46d
5b8ecb8d57cc6b1cdb2cbb67fefbf5ff214131d03c2a802719d3d5b2b536cdb3
5ba86813c2f8c836d52722a88a63de130aa006799e180ab3649adf02d1a4a0cc
5d88e5892489cdfe35fea30412bfd1bbb58e47313ffa28041e7d495eb0375d44
5e4e4fbbf6831efac036f014b7c3de90ae9c40dbe417e38669311d69b44b5c69
5e9005f19c2048aba039d84f1ea0b0c988ae4ac53bb69f79adc8d2eca1adda01
5f062e8d42cf7a06ac8b0a789585764ddf13b2de180984093c76da0c4ecf2fbe
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6a3f79e15d73b4d7196444acd307f5cf2776085feb4e0244734e6b8eaef21dcd
6c1d9973ca5c62cf51fbb097b24568a2e8ac42584bcbbb3f3d40db6d5ac7a1bb
6c60c296b3472130b7ace33547b38bc4f2107658891ad3fa6d39b181eab916cc
70751679ec1e2f27cd958b14c2b87f5b1b7fd4e7fbbce340bb3ca6f8dfd82d0e
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
74ffdd4c700de1f0b0b46463f2bffb0e42fe112a1cba7ce7b7b74500937d6215
7531cf29a8ff299363b3a09f01e2832e26cc5cf723e6cf66dce09ec9a775515e
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
7616add583683a562788e9f894c96426dc6282929440f52cf7980be2225643bc
78789709d38b334c99ee02153e2218d324335cca146bf77f3371068ce9a1e878
78c19f0f48c2039268244bea64d0c0d6b0e99739baf0706c043f4a7fa5b9a49f
7996dbed9eea9d3b7aa943654695f0bb6c6de2d1b0654b47309586b609cc04ad
7bb94a509ecf80a1a64c5f29ec92fa83ddc10d0bdf25bf4e79adc3d7137dce8c
7e73d4b74d14162b1d0b2d35585058d806f07513b84aa6cbb2d8e9fa51be9d74
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82d99de88bf7ac91f8e2efe936fb429d4fb86ed97a64d681ebfb12cbc6d590ff
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84d688020ec62e9ad187a7ffd6d9bcfa623d00b9b93e567001a2da83a58dd210
8731b24cdd3437a8da8618f85194973a5b248ec42a27adaefe618e3257214cf3
87c9f2b1e07276339f7596602a069bc2a8a235ed9f062f0f64f13f63231a6cd0
8b545845a2273d287b89de2dad629d30137ceb38d1ce78fa423e6980c00b368f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94a64debb73115b6e4bb5816aad62b1af7c6584b2139d9a2d9480dbf4220561c
964b50b997b8371810caf105b8a4eaea21381f69ba4b9e0dfa57a60f67559cce
97aefe4a1c50e7bf4bd5eb810781749a1aa540fe755c4e1e45aa82414c0b5818
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a7654e7d94b49e58e5ab4c87db254b7e5f97d9a80a7439252cd72452b4ec1db
9a7eeeb8d2863980375bd8e690639e5d3826305376ac7aa3988c65778b860852
9b24b15b4175a61bde046fdb61388d3a600de297006a5c73556be70879c51415
9c7bf6fd89eb097c1f7cf0a33ba3ff0b9edc9ef69a2e496fa332c688841a8841
9cc6470204dda1b6135b76c42ed59cefaed8dead87385d110742669f54d4b054
9d44418aef78b2e4586c639a6b4e57b4b9fc93a958bf2dd254b70553d51dd06d
9ef3fc3fc7558220fbadeff61c4bd79587564c9acb9dda6a63555bffd9b2b1ad
9f0da298e31dd1a50b19d710bd787a8adce25afcaf4a89ba5fcf819c6662723e
9f16e60d0a12528f9b2d792b1cd1882ce614afdf96f43a3deaa7e17279410771
9fe82976b037bfb21b0977871949ca3ecc4602f5b90c2b7c7b322068a2cc5341
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2b35d9f73e68484712519c315b452b1331fcb1c5591505f3b556fbd8a3726e7
a381604916cc21a78cfceb05588662edc3cc5685eb7cef4197ded488bf0602ec
a46c2b4055b04ab7be5895499c0137d55b7d7dc062991d24911e9f9737109274
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a9b184694166cb0d5bb9cafb43cdbb79fcddca864a6ff8a91eda1a81d2d85701
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab5e855f62390a3cc3eb6c578f8ab11688a92eebca11a13e6b7991fd0f219a50
b0154ca2e8440d8b9608765b6c8cdf56a269d0a9b93384a889986b3fc988edf9
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b333a33f794194adaf94287fb06c6529010aade13c0574140ea03f4bd9f433bf
b571fcad8128b028fa991009315020350ef5e296d826df2c6c8b6367a1e8fc27
b76fee2711a5ad963ea92ffda8f30870fe9ad7d544d5eaf55ba6a43a2d5d32f3
b925fd0ba0388372309bb41e931b81d430d8331b28f0eaf756af46c8f9d00b6d
b9c88b5408e22e86a4bbc13ebc7ac5947e895dc4f9eb08ff6dfa2253162f6aef
ba9228b7d9dc284ccff0ec07012335ac00e0a4151b230710174df3f5d6813353
bcbc708657f35c221e95dc2b142ea95a0c45653489b7823f29284b18afe92785
bfea5e5db4c526a9c86debd0154807b4eaddf36281a55cb3f622e441e5054dc1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22dc3d31dccd54ee6cc46af4d6b0970e7c684bb32c3812b8371b0e271905b2b
c4defc1e37c218092366fd49ef3e591efddac901fed4d180bdd3ab69da30a70a
c6f35733b79b1d6797353f4aa427becf64a36417f0e1ebce4da187e3ea9341d9
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
c819a9bee3e9535d4eaa2b2876e992318fb9779db0a1bbdbcdb5c491db483695
cabea06371ff3f26ecf21fcac0c279ae3bd92f787624d3215bc6ba3121c4806c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0236454acf0ccfa521df838aff3a5ce6ebba333518c11cfb187bc22c3771764
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d21ceb851783799cb96a8875271866118c846e43e44567a2aee4d8a8b3a5ae68
d510a6ba4714eb7e72e731dd0091ad29b6b51adfb6e584373c8a860dd8c5183c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7fae18de875f131f9962b002379d31c5b0f33a917be900337718f66877948b6
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da4f3b2e0ca2bdad54c77c30fe4e209f95fc88cc5d67cfb42e66c9d0259ac144
daf831ea273c423682a91c2344915bbcc7b953f802d93fdc309c95afe7eba4fd
dbf2e4d7a491afaa7aa1d29ae72d71c78b5470f1d610b3eab6f7b9c8d6444404
dce531eee4c5fdc685dbcdb1470072755405690fdfdd930a6e22e463f78d284e
dd41b646250576c87600d36db00f6543440e3a07c73c69d33dfd7f7dafec08cd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0426dbe67dd4f52df684e50d0e6d33f68f73bd83ba416b7e26b1227a61585d3
e0e17b1b2c8c884ef95858b7cce3c572ebdf32d5da4ca26a366dece88bda76a8
e102462cd94a7e7573dd74233c5f56d3770f732649a2b1d3eff05775d082b013
e1d45013a596b941b13583b0447fac12bfa411ebdd3ee76980a746f7dc74e498
e34104800b8b7644a2d64c2816157a532e0be6adf06925aa572afdeab8992fe2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3ed2d3ba588437ab0954941c0edd797482ed06264b1ca9e6806ed6daeb07b43
e5b0d8f6913dbea8a3f2653cf9c999d6fe68367997d42c82bcc395d630a7ee04
e5bb0c2a6838edeeb384298fd09c349c1bf6e9f6344665c73c43dd8f23ee8018
e6deb8763f8da9983dc3f1ab5d4376b37292dbd4b7fbd988713ac334a5904069
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e89c1636dd6889e6206a7dac6459e194d6bd9f26687a04e33efe137b8e3069a7
ea8dcf94a62e4ac82246b2224d85052c2308c4c8123dd8b2c4c154cebe9b47f8
ed4106a25b100a5e06250410c4d68d4398f1febd9253a9e234ac48eb58a74e88
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f128a7ed2c898a5fce25e0d15b3b000277638635c76c9591c1d53c3bdde5b06f
f3cb1db2d0a51e283ae6fc0d9cf5aef88f250ce5166bd994435d8b7d068cde87
f47bc58eabe2d9b9dc3167b6c750f488fab278a9d592e215a4b1cb30b306ee33
f509537a941a4046b1f076ab2441d1ea6bf21b3d2a0122faea116e1d609fbfaa
f56a3556c45543861a8dd9b9bc9b65b1f9d64fbb7dfc03fdb416faf36356db3d
f62f1e5fcc9add58fe632f5373f90e53fb4715424c286a6aaea04a3702a47d98
f64f12e5474480f9b66cd6231874622c4e0fbc168d7d9708aae94183f01e6a1b
f8d71892deb8ef0496585f4d5a5199b23eebcd595b8acf7ddb92009b72e31596
fedf7a96d9f67f560198fa4e96d5f49a5b25c1dd23d406169a0b3b74ea3968b9

www.wheresgeorge.com Open in urlscan Pro 2606:4700:20::ac43:4757 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

233 Requests

89 %HTTPS

41 %IPv6

54 Domains

93 Subdomains

70 IPs

8 Countries

2383 kBTransfer

5289 kBSize

59 Cookies

18 Outgoing links

Page URL History

Redirected requests

233 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wheresgeorge.com Open in urlscan Pro
2606:4700:20::ac43:4757 Public Scan

Screenshot
Live screenshot

Full Image

233
Requests

89 %
HTTPS

41 %
IPv6

54
Domains

93
Subdomains

70
IPs

8
Countries

2383 kB
Transfer

5289 kB
Size

59
Cookies

233 HTTP transactions
6 data transactions