wheregoes.com Open in urlscan Pro
2606:4700:3035::ac43:b70e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wheregoes.com/
Submission: On July 03 via manual (July 3rd 2023, 4:15:07 pm UTC) from US — Scanned from DE

Summary HTTP 232 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 88 IPs in 8 countries across 72 domains to perform 232 HTTP transactions. The main IP is 2606:4700:3035::ac43:b70e, located in United States and belongs to CLOUDFLARENET, US. The main domain is wheregoes.com.
TLS certificate: Issued by GTS CA 1P5 on June 19th 2023. Valid for: 3 months.

This is the only time wheregoes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3035::ac43:b70e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e6:... 2606:4700:e6::ac40:c626	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	104.131.3.131 104.131.3.131	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
3	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
1	2a02:2638:3::7 2a02:2638:3::7	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	216.52.2.16 216.52.2.16	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
12	52.48.248.173 52.48.248.173	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6816:3456	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.155.129.21 18.155.129.21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225b:2200:a:e047:753:be1	16509 (AMAZON-02) (AMAZON-02)
2	141.95.98.65 141.95.98.65	16276 (OVH) (OVH)
1	54.76.0.125 54.76.0.125	16509 (AMAZON-02) (AMAZON-02)
5 7	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:46::60 2620:1ec:46::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 5	2a02:26f0:480... 2a02:26f0:480:22::1726:62db	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.32.184.180 23.32.184.180	16625 (AKAMAI-AS) (AKAMAI-AS)
4	37.252.171.84 37.252.171.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
8	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2602:803:c003... 2602:803:c003:200::77	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
7 11	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
8 11	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f	16509 (AMAZON-02) (AMAZON-02)
2 4	67.220.228.200 67.220.228.200	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 4	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	35.157.132.87 35.157.132.87	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.65.56.209 3.65.56.209	16509 (AMAZON-02) (AMAZON-02)
1	185.86.138.152 185.86.138.152	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 3	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	37.157.5.133 37.157.5.133	198622 (ADFORM) (ADFORM)
2	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
2 9	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	34.246.32.5 34.246.32.5	16509 (AMAZON-02) (AMAZON-02)
2 3	52.210.241.171 52.210.241.171	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.196.116.171 18.196.116.171	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.191 64.202.112.191	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4264:77de:c90c:e766:ea27	14618 (AMAZON-AES) (AMAZON-AES)
1	85.215.5.31 85.215.5.31	6786 (CRONON-BE...) (CRONON-BERLIN-AS)
1	23.215.16.120 23.215.16.120	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.210.13.95 52.210.13.95	16509 (AMAZON-02) (AMAZON-02)
1	52.50.52.186 52.50.52.186	16509 (AMAZON-02) (AMAZON-02)
1	3.13.226.189 3.13.226.189	16509 (AMAZON-02) (AMAZON-02)
1	13.32.145.35 13.32.145.35	() ()
1	151.101.1.108 151.101.1.108	() ()
1	2.18.160.23 2.18.160.23	() ()
1	34.246.245.249 34.246.245.249	() ()
1 3	185.86.139.93 185.86.139.93	() ()
2 2	23.201.255.110 23.201.255.110	() ()
3	23.32.184.192 23.32.184.192	() ()
1	2600:9000:20c... 2600:9000:20c3:1a00:1f:4c18:bd40:93a1	() ()
1	77.245.57.72 77.245.57.72	() ()
1	34.225.255.201 34.225.255.201	() ()
1	2606:2800:233... 2606:2800:233:f76:14f7:d635:25c4:c8d7	() ()
2 2	216.52.2.86 216.52.2.86	() ()
3 3	193.0.160.130 193.0.160.130	() ()
1	69.166.1.12 69.166.1.12	() ()
1 1	147.75.84.158 147.75.84.158	() ()
1 1	23.212.88.20 23.212.88.20	() ()
1	198.47.127.19 198.47.127.19	() ()
5	52.210.15.1 52.210.15.1	() ()
2 2	34.98.64.218 34.98.64.218	() ()
1	185.29.132.241 185.29.132.241	() ()
3	185.64.191.210 185.64.191.210	() ()
1	52.31.229.177 52.31.229.177	() ()
1	35.204.74.118 35.204.74.118	() ()
232	88

12 2606:4700:3035::ac43:b70e (United States)

ASN13335 (CLOUDFLARENET, US)

wheregoes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e6::ac40:c626 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.131.3.131 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-us-ny-25.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.48.248.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-248-173.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.129.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-129-21.cdg52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:2200:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.95.98.65 (France)

ASN16276 (OVH, FR)
PTR: ns3216659.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.0.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-0-125.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::c (France) 5 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7769e2148a7769880b77ea1600c416af.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsdkprod.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:22::1726:62db (Frankfurt am Main, Germany) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.184.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-180.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::77 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

beacon-ams3.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 69.173.144.139 (Frankfurt am Main, Germany) 7 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.186.66 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.128.147 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 67.220.228.200 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

widget.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.132.87 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-132-87.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.56.209 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-56-209.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.32.5 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-32-5.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.210.241.171 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-241-171.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.116.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-116-171.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4264:77de:c90c:e766:ea27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)

a.twiago.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.215.16.120 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-215-16-120.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.13.95 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-13-95.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.52.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-52-186.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.13.226.189 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-13-226-189.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.145.35 (None, )

ASN- ()

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.23 (None, )

ASN- ()

c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.245.249 (None, )

ASN- ()

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.139.93 (None, ) 1 redirects

ASN- ()

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.201.255.110 (None, ) 2 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.184.192 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c3:1a00:1f:4c18:bd40:93a1 (None, )

ASN- ()

cs-rtb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 77.245.57.72 (None, )

ASN- ()

sync.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.225.255.201 (None, )

ASN- ()

cs-server-s2s.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:f76:14f7:d635:25c4:c8d7 (None, )

ASN- ()

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.86 (None, ) 2 redirects

ASN- ()

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.0.160.130 (None, ) 3 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (None, )

ASN- ()

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.84.158 (None, ) 1 redirects

ASN- ()

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.88.20 (None, ) 1 redirects

ASN- ()

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.210.15.1 (None, )

ASN- ()

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (None, ) 2 redirects

ASN- ()

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (None, )

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.191.210 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.229.177 (None, )

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	rubiconproject.com 9 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 552 eus.rubiconproject.com — Cisco Umbrella Rank: 616 beacon-ams3.rubiconproject.com — Cisco Umbrella Rank: 8839 token.rubiconproject.com — Cisco Umbrella Rank: 652 pixel.rubiconproject.com — Cisco Umbrella Rank: 374 secure-assets.rubiconproject.com pixel-us-east.rubiconproject.com Failed	52 KB
24	criteo.net static.criteo.net — Cisco Umbrella Rank: 568 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 7998 csm.eu.criteo.net — Cisco Umbrella Rank: 7838	339 KB
19	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216 cm.g.doubleclick.net — Cisco Umbrella Rank: 254	154 KB
16	criteo.com 6 redirects bidder.criteo.com — Cisco Umbrella Rank: 719 gum.criteo.com — Cisco Umbrella Rank: 405 mug.criteo.com — Cisco Umbrella Rank: 2102 ads.eu.criteo.com — Cisco Umbrella Rank: 7742 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9055 widget.nl3.eu.criteo.com — Cisco Umbrella Rank: 17666 dis.criteo.com — Cisco Umbrella Rank: 608	76 KB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 7769e2148a7769880b77ea1600c416af.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160	143 KB
13	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 3004 public.servenobid.com	9 KB
13	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 257 cdn.adnxs.com — Cisco Umbrella Rank: 1588 fra1-ib.adnxs.com — Cisco Umbrella Rank: 6579 secure.adnxs.com — Cisco Umbrella Rank: 469 acdn.adnxs.com	61 KB
12	wheregoes.com wheregoes.com	159 KB
9	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 797 ads.pubmatic.com image6.pubmatic.com image2.pubmatic.com	32 KB
9	casalemedia.com 2 redirects r.casalemedia.com — Cisco Umbrella Rank: 1573 ssum-sec.casalemedia.com dsum-sec.casalemedia.com	8 KB
8	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 333 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1025	6 KB
6	gumgum.com g2.gumgum.com usersync.gumgum.com	3 KB
5	yahoo.com 4 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 481 ups.analytics.yahoo.com — Cisco Umbrella Rank: 338	2 KB
5	bing.com 2 redirects www.bing.com — Cisco Umbrella Rank: 59	5 KB
5	media.net 1 redirects prebid.media.net — Cisco Umbrella Rank: 1429 contextual.media.net — Cisco Umbrella Rank: 675 c21lg-d.media.net hbx.media.net	11 KB
4	smartadserver.com 1 redirects rtb-csync.smartadserver.com — Cisco Umbrella Rank: 623 ssbsync.smartadserver.com	2 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 383	1 KB
4	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 782 ce.lijit.com	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 205	194 KB
3	rfihub.com 3 redirects p.rfihub.com	2 KB
3	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 670	1 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1002 bcp.crwdcntrl.net — Cisco Umbrella Rank: 959 sync.crwdcntrl.net	12 KB
3	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 808 id5-sync.com — Cisco Umbrella Rank: 423	26 KB
3	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 857	361 B
3	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 3835 visitor.omnitagjs.com — Cisco Umbrella Rank: 1006	941 B
3	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 22022	150 KB
3	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 10642	7 KB
2	openx.net 2 redirects us-u.openx.net	675 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 218	2 KB
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 566	725 B
2	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 359	877 B
2	google.com adservice.google.com — Cisco Umbrella Rank: 113 www.google.com — Cisco Umbrella Rank: 10	2 KB
1	simpli.fi um.simpli.fi	612 B
1	mathtag.com sync.mathtag.com
1	a-mo.net 1 redirects prebid.a-mo.net	138 B
1	sonobi.com sync.go.sonobi.com	498 B
1	technoratimedia.com ad-cdn.technoratimedia.com sync.technoratimedia.com Failed	7 KB
1	yellowblue.io cs-server-s2s.yellowblue.io	370 B
1	adkernel.com sync.adkernel.com	160 B
1	minutemedia-prebid.com cs-rtb.minutemedia-prebid.com	527 B
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2046	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 620	338 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2245	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 3886	400 B
1	twiago.com a.twiago.com — Cisco Umbrella Rank: 26095	153 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2505	399 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 778	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1226	885 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2951	274 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1276 c1.adform.net Failed	163 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 422	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2136	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1321	99 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	5 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 414	650 B
1	azureedge.net adsdkprod.azureedge.net — Cisco Umbrella Rank: 55775	24 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 10774	6 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 368	878 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 22106	693 B
0	audrte.com Failed a.audrte.com Failed
0	de17a.com Failed d5p.de17a.com Failed
0	creativecdn.com Failed creativecdn.com Failed
0	admanmedia.com Failed cs.admanmedia.com Failed
0	socdm.com Failed tg.socdm.com Failed
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	deepintent.com Failed match.deepintent.com Failed
0	ipredictive.com Failed sync.ipredictive.com Failed
0	stackadapt.com Failed sync.srv.stackadapt.com Failed
0	zemanta.com Failed b1sync.zemanta.com Failed
0	disqus.com Failed ssp.disqus.com Failed
0	unrulymedia.com Failed sync.targeting.unrulymedia.com Failed
232	72

	Domain	Requested by
12	static.criteo.net	securepubads.g.doubleclick.net ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net cdn4.buysellads.net
12	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com ssum-sec.casalemedia.com g2.gumgum.com ads.pubmatic.com ssbsync.smartadserver.com
12	wheregoes.com	wheregoes.com
11	cm.g.doubleclick.net	8 redirects wheregoes.com g2.gumgum.com
10	imageproxy.eu.criteo.net	ads.eu.criteo.com
8	eus.rubiconproject.com	wheregoes.com eus.rubiconproject.com cdn4.buysellads.net public.servenobid.com g2.gumgum.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net wheregoes.com
7	pixel.rubiconproject.com	3 redirects wheregoes.com ads.eu.criteo.com eus.rubiconproject.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	gum.criteo.com	5 redirects static.criteo.net
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	usersync.gumgum.com	g2.gumgum.com
5	www.bing.com	2 redirects wheregoes.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	aax-eu.amazon-adsystem.com	2 redirects wheregoes.com ads.pubmatic.com
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	match.adsrvr.org	wheregoes.com ssum-sec.casalemedia.com g2.gumgum.com ads.pubmatic.com
4	token.rubiconproject.com	4 redirects
4	fra1-ib.adnxs.com	cdn4.buysellads.net wheregoes.com cdn.adnxs.com
4	ib.adnxs.com	2 redirects cdn4.buysellads.net acdn.adnxs.com
4	www.googletagservices.com	cdn4.buysellads.net securepubads.g.doubleclick.net
3	image2.pubmatic.com	ads.pubmatic.com
3	p.rfihub.com	3 redirects
3	ads.pubmatic.com	public.servenobid.com g2.gumgum.com ads.pubmatic.com
3	ssum-sec.casalemedia.com	public.servenobid.com ssum-sec.casalemedia.com g2.gumgum.com
3	ssbsync.smartadserver.com	1 redirects public.servenobid.com ssum-sec.casalemedia.com
3	ad.360yield.com	2 redirects
3	ups.analytics.yahoo.com	2 redirects ads.eu.criteo.com
3	secure.adnxs.com	2 redirects ads.eu.criteo.com
3	dis.criteo.com	1 redirects ads.eu.criteo.com
3	fastlane.rubiconproject.com	cdn4.buysellads.net
3	onetag-sys.com	cdn4.buysellads.net public.servenobid.com
3	cdn4.buysellads.net	wheregoes.com
3	api.fouanalytics.com	wheregoes.com api.fouanalytics.com
2	us-u.openx.net	2 redirects
2	ce.lijit.com	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	simage2.pubmatic.com	ads.eu.criteo.com ads.pubmatic.com
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	visitor.omnitagjs.com	ads.eu.criteo.com ssbsync.smartadserver.com
2	match.sharethrough.com	ads.eu.criteo.com public.servenobid.com
2	contextual.media.net	ads.eu.criteo.com cdn4.buysellads.net
2	x.bidswitch.net	1 redirects ads.eu.criteo.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	mug.criteo.com
2	id5-sync.com	cdn.id5-sync.com ads.eu.criteo.com
2	ap.lijit.com	cdn4.buysellads.net public.servenobid.com
1	um.simpli.fi	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	sync.mathtag.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	hbx.media.net	1 redirects
1	prebid.a-mo.net	1 redirects
1	sync.go.sonobi.com	public.servenobid.com
1	ad-cdn.technoratimedia.com	public.servenobid.com
1	cs-server-s2s.yellowblue.io	public.servenobid.com
1	sync.adkernel.com	public.servenobid.com
1	cs-rtb.minutemedia-prebid.com	public.servenobid.com
1	g2.gumgum.com	public.servenobid.com
1	c21lg-d.media.net	contextual.media.net
1	acdn.adnxs.com	cdn4.buysellads.net
1	public.servenobid.com	cdn4.buysellads.net
1	s.thebrighttag.com
1	beacon.krxd.net
1	sync-criteo.ads.yieldmo.com	ads.eu.criteo.com
1	ad.yieldlab.net	ads.eu.criteo.com
1	a.twiago.com	ads.eu.criteo.com
1	criteo-partners.tremorhub.com	ads.eu.criteo.com
1	sync.outbrain.com	ads.eu.criteo.com g2.gumgum.com
1	exchange.mediavine.com	ads.eu.criteo.com
1	matching.ivitrack.com	ads.eu.criteo.com
1	cm.adform.net	ads.eu.criteo.com
1	eb2.3lift.com	ads.eu.criteo.com
1	criteo-sync.teads.tv	ads.eu.criteo.com
1	sync-t1.taboola.com	ads.eu.criteo.com
1	rtb-csync.smartadserver.com	ads.eu.criteo.com ssbsync.smartadserver.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	widget.nl3.eu.criteo.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	px.ads.linkedin.com	wheregoes.com
1	www.google.com	tpc.googlesyndication.com
1	adsdkprod.azureedge.net	adsdk.microsoft.com
1	beacon-ams3.rubiconproject.com	wheregoes.com
1	ads.eu.criteo.com	wheregoes.com
1	cdn.adnxs.com	cdn4.buysellads.net
1	adsdk.microsoft.com	cdn4.buysellads.net
1	7769e2148a7769880b77ea1600c416af.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	prebid.media.net	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
0	a.audrte.com Failed	ads.pubmatic.com
0	d5p.de17a.com Failed	ads.pubmatic.com
0	creativecdn.com Failed	g2.gumgum.com
0	cs.admanmedia.com Failed	g2.gumgum.com
0	tg.socdm.com Failed	g2.gumgum.com
0	sync-tm.everesttech.net Failed	g2.gumgum.com ssbsync.smartadserver.com
0	pixel-us-east.rubiconproject.com Failed	eus.rubiconproject.com
0	match.deepintent.com Failed	g2.gumgum.com
0	sync.ipredictive.com Failed	g2.gumgum.com
0	sync.srv.stackadapt.com Failed	g2.gumgum.com
0	c1.adform.net Failed	g2.gumgum.com ads.pubmatic.com
0	sync.technoratimedia.com Failed	public.servenobid.com g2.gumgum.com
0	b1sync.zemanta.com Failed	ssum-sec.casalemedia.com g2.gumgum.com
0	ssp.disqus.com Failed	public.servenobid.com
0	sync.targeting.unrulymedia.com Failed	public.servenobid.com ssbsync.smartadserver.com
232	114

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
wheregoes.com GTS CA 1P5	`2023-06-19` - `2023-09-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-09` - `2023-10-09`	a year	crt.sh
cdn4.buysellads.net R3	`2023-05-22` - `2023-08-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-25` - `2024-06-24`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-05-09` - `2023-08-07`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2023-05-06` - `2024-05-04`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2022-11-07` - `2023-12-06`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure TLS Issuing CA 05	`2023-04-07` - `2024-04-01`	a year	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
*.azureedge.net Microsoft Azure TLS Issuing CA 05	`2023-04-20` - `2024-04-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-18` - `2023-08-18`	3 months	crt.sh
r.bing.com Microsoft RSA TLS CA 01	`2022-11-15` - `2023-11-15`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-07` - `2023-08-30`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
itm.ivitrack.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.twiago.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-28` - `2023-12-29`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.servenobid.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-05`	a year	crt.sh
gumgum.com Amazon RSA 2048 M01	`2023-02-14` - `2023-10-05`	8 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.minutemedia-prebid.com Amazon RSA 2048 M01	`2023-05-01` - `2024-05-29`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G4	`2023-01-03` - `2024-02-04`	a year	crt.sh
*.yellowblue.io Amazon ECDSA 256 M02	`2023-04-18` - `2024-05-16`	a year	crt.sh
*.technoratimedia.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2022-12-06` - `2024-01-07`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-03` - `2024-02-19`	a year	crt.sh
*.mathtag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-30` - `2024-04-29`	a year	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-06-21` - `2024-03-02`	8 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh

This page contains 43 frames:

Primary Page: https://wheregoes.com/
Frame ID: 61C42A74AD9F0E148CF98E3738BC2AB7
Requests: 44 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=wheregoes.com
Frame ID: 79BE98266D747F0B9253A94AD32E2ECC
Requests: 2 HTTP requests in this frame

Frame: https://7769e2148a7769880b77ea1600c416af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 523EFB4DC4983F544675600E848BEBA1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssczWSn_Jm1Toeydth3PZ2VVizLxbJALp8TO7d5nUiju2ntMRu80zMeW5k_zBIwKxIAxRbVlDV1qvijHVbu5D2lpdKtll5EfNqmhwjB1gLaHmhRPbCJybx2jOfEGbZSmQq6i8uqKS8kRjHqIEedYG6WHYG4yE-kq0LvwPhsBhE1v4sk38cnmv55I9gzQUy8pMzIQB8LYZBGb9Uz7lT5tFLDXO8NoFtwkkhp98SlYDovRFA4_cBdgMiY4xlCcjl-bWIKovmhB8bER48ipvnmTNfLTuc0nneAEIdcJfZHRyBmJuAJlaJ0EOgjqLZnl1pNUXM56wnLzYBh7yLjmHo_WqyVgCmAXsquOnVJ&sai=AMfl-YSlQtl-wPXjV-wYsKSVL_atDgPaPBg7fDNf6OHZoY8W4yTNgUPoSHe6A-Smi-yu6qnSTF7gUSobacZhm8X9ess3WKMqQ1GgD0dbwVRtp3Juzy3wkZuaJFzs5GDYbA1-R-GrZMIIkhA5dvqtY5_n&sig=Cg0ArKJSzCF3xS4gns9pEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 78EA905F4A0147C07C2CBA30CB9B97C7
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAQZxUzQt1uKq5qmuKawPktLsDIxNsWBDD9Wlwxz5Je5Nh6IXH93w9ZHVOQhN92tbbh0ixbFpYB6C18vInUrTPqZW7z40-Feb9paFDUocU4gbGEGg1ZdYl_GR8dI9hAHevYNKjyFauZ-VbyuvK6Y5Y-OnoPf68_-CmZ8L6mjUcyHI_O4LMbpV7FDwHJKF-xtHdcC_n7KUixADbDQyMR3wt4xHCxuibX6ibWp7ZxOuOJEEc5VVLd9YqfPWJAW5BZzR3x9aEr0bw9GlW9KK-WHuRWROJaefQQv31WsWeOjbpg16L2iHebxL9tYSRbGy-MIlathG1-XysLmRfNo1tKBa8ByMbCYb7&sai=AMfl-YS7k6lJdUtw6g-4HaJUSMfmG0DvJHRG-brt0fuHzuvRCqf-Msira3TOPdmXJMJB4W8x6GD5cpXmzH4b9MvIpc7UmXM6fFb988RDQ8CYfqxPi_kGydmOYMnBWU2OVgjaw0xkwbSA7sCRfiFDWTwR&sig=Cg0ArKJSzNXudGB-2DvLEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: AB97C2C988B205EAD6DF16482F678BB5
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYy_wfn_liuuSUnjR64QZWUJbREmz5Ey_MdLQrvJjWadS_S95mDrIT2yAmBO--LypieFquCgUUFT_CHswBqKo2oU9681xPcJKLSz9CdTiqBC_vjSKvgd3YnLPgeVa3TCcfT_h36JxmSeprLa2OIzGqgUHozipjiWYdhiRsdiax-bTzE8h2AF3d_2CbDhJVXOFH3hVK4zrLQbnqoysBb-s8NudD6Hrf-a1JLoEyHnPRHBO7T11ZoYdW0NcPYe4_jZbYY4plgVCTq386aV7IpBjdO3ByBSXidI6TOWVEVrEJkp90IeRl2fj2NbL4Dna2fC5asLeiQ08JgDq2Ih4HDOtKA-JcUlXcLFBQ3dw&sai=AMfl-YR6u9iqqJ1FKLOs2K9zojLV9gGxSqcC7chnQ35GKCVOWM9-4gGQMbsGqYdUhXAX6H1dQhsqk7y9g5aKE9AR9V_TyvMANpkf0VyJUAWDMq-FR_Q-Fv5eLTjSrvgua4Nwy1YjirWyB9KURyd9X_iV&sig=Cg0ArKJSzOQ0F2jdOxEGEAE&uach_m=[UACH]&adurl=
Frame ID: 1C31E3E778D5B81DFB04EF4A9A88FC6A
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Frame ID: 20ADF078EF7839CB539828BFFA29C5D6
Requests: 24 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 12CF2E94F015AA2D26A968CE49AE0E30
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8ADDC1D75D263FD4AC4BD8748D859AE0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C5D637B0F03FF378B89D8A566C96C2B
Requests: 2 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=7944&cb=64a2f407afdb4675e028503b42a6f34d&r=https%3a%2f%2fwheregoes.com%2f&crossorigin=false
Frame ID: F7282F79679EFA6DC667D1AA0A80180C
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-yP1TBgQ3-27fV-vRAxjtKO48xYuAhDwVa3iYVA&expires=30
Frame ID: 27C647628EE7586C528E3D1B156FBB63
Requests: 28 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wheregoes.com
Frame ID: F39F8C6DF712A039DF7011710234C50A
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: D3E0A6DA5B82F8D0EE105D6269A158C4
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 18E182F278AB660409024BFC0D619BBB
Requests: 2 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 65023E984C75E773E64D80927BD22258
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1688400902942
Frame ID: 86832CCADDEDCF5760F634B9BE66F939
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4049CFB257AE30A7B38F928325F8220C
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 2E79371FFFD976A6638403BB94D6795D
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 55E456003E2A3AB564BF1F3959D7B6DB
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 0B5895A0DE1C6994B91C69F0D21D8ED5
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 7ABEA7592F0D4FE51701F30A4A7F6AFC
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 5C4E05F1B39A4A3F327521425A9805B7
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: C23E1E614208CA481A1A903B6C5F2A3A
Requests: 11 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 6477DF8B769F2251177A3AF9FF379DC7
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 7272C6D90824B201F1147FDB3BB9A7F5
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: FC969926F359030A6072EAB1EC0DD3BF
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Frame ID: 2C9FCF65C8136B2FE17BD6821AE45007
Requests: 2 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: DA9D16A9629FFF5CD594158C2981AED0
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jZDQ0ZmViMC0wYTYzLTRkYmMtYmVlMy1lNGY2ZTE0MWM1YzU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: A9F0FD386AA58FDD7FFF53C122E8BB63
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 7CE6213B85DC030704C084AE41D48594
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: ED0CA1182108CB92389A815FB7DD6F8E
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 06D32950D05A4D1459FB870FFB0A694E
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_cd44feb0-0a63-4dbc-bee3-e4f6e141c5c5&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: CC89C1DFCB000F7E4E786A37C240C646
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 842BE2E3794309FB8DFB94647B1EE4E5
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum&tc=1
Frame ID: 624F1C1A46F671DEFFF8EF44D390A78B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 000FF2A1CAA59A9BA5B9B975BEBFF690
Requests: 3 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Frame ID: 0390AD4E919E3CE8FB405FCD05EA7B4C
Requests: 1 HTTP requests in this frame

Frame: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Frame ID: 821292294D00271200B39A4DEABF8B41
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: FE8B8BAD6030FC0FBCBAD2811224A4A3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526467073050
Frame ID: 396C4A06395D9BA6E6A44EB57184CCAD
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3B957019-7A3E-4954-B7DF-6FC5AAA41020&redir=true&gdpr=0&gdpr_consent=
Frame ID: 5B9B4B6966E393FD06B5FCBE05FF73A8
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=3B957019-7A3E-4954-B7DF-6FC5AAA41020
Frame ID: 878091A5010147E6CEA8280DD9DE85EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tiny URL Expander | Redirect Checker - WhereGoes

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

232
Requests

73 %
HTTPS

30 %
IPv6

72
Domains

114
Subdomains

88
IPs

8
Countries

1505 kB
Transfer

3664 kB
Size

49
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/WhereGoes_com
Title: Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://gum.criteo.com/sid/json?origin=publishertagids&domain=wheregoes.com&sn=ChromeSyncframe&so=0&topUrl=wheregoes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=kftGD3xObm9IMGZuSjMwcHBGRm5xU1htd29EK3pJdDRyd05scU4yL21EU0dWSFJSVlFXRGFoL1lFWUtwNytmbjlEdlN4YVNMM0dRdXowdnFGa0QwM2hIalIxZzFVVnpyNXpDMDVtZGV2aXl0NklNdjZVMTlvbjNmV2RhT0FRRnkzemVaa2FOalVHcGpUMFViQm9xYUNWdElWMXVUai9mT0o1bWwvanFMSDk3OUtNNkI4dmNSUExnU3ZvQkpYOGs3ME0xM2N4cXhWUDRDTXQvdlhZMzdYR05sckxkRTV5OWd1QzVBWTZKZndlbWRwampISkFyNldrZ2paK0lwdGx1emluVW1ILzlpSVRaTGVVbE15RnRWc3RCbXQwUT09fA&cppv=2

Request Chain 55

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=2d4b0037-7a95-410e-a27a-7dd1d6186a10&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=4466957b-7d66-4683-a7e6-7c46c6348e59&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D58dd2eb3eb3e4acc9c27909b842e6351%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=23918325&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=3212283519200684672 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=58dd2eb3eb3e4acc9c27909b842e6351&SNR=1&GV=2&med=10

Request Chain 72

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWE1ZTQyNTZlNmZiZjFjMmEwZDU0MDIyZDVlMWFjZTNkZWQwMDczYg

Request Chain 73

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHMk5DhXrkQCcbbDpzip9wM&google_cver=1

Request Chain 75

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJN2AYJ7-1O-357I

Request Chain 76

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UsJD81-2SNevZE02K6Wbiw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UsJD81-2SNevZE02K6Wbiw

Request Chain 77

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Az-AQFrbxuurPNTQokWVksn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VHD8iNZE2oJ75utF55IIkhneSI4RgIG7LoOKUg--~A

Request Chain 78

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpOMkFZSjctMU8tMzU3SQ== HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENUwp0fI1D0dZ13SZ9T3ko4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpOMkFZSjctMU8tMzU3SQ==&google_push=

Request Chain 79

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bSs6jiaUR-6SyX2SE1n9_g&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=bSs6jiaUR-6SyX2SE1n9_g

Request Chain 107

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-yP1TBgQ3-27fV-vRAxjtKO48xYuAhDwVa3iYVA&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-yP1TBgQ3-27fV-vRAxjtKO48xYuAhDwVa3iYVA&expires=30

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-fXMJmgQ3-27fV-vRAxjtKO48xYvaexDK99KQSw&google_cm&google_hm=ay1mWE1KbWdRMy0yN2ZWLXZSQXhqdEtPNDh4WXZhZXhESzk5S1FTdw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-fXMJmgQ3-27fV-vRAxjtKO48xYvaexDK99KQSw&google_gid=CAESEPROL_irdd2AKoKo5BhuJ-4&google_cver=1&google_ula=913071,0

Request Chain 109

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8827646718600857853

Request Chain 121

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-bBTnRwQ3-27fV-vRAxjtKO48xYsYTRBOlDAURw HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-bBTnRwQ3-27fV-vRAxjtKO48xYsYTRBOlDAURw&C=1

Request Chain 122

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ra0hWV5iSZutbp-KRlgKon00jJaZpyfW HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ra0hWV5iSZutbp-KRlgKon00jJaZpyfW

Request Chain 124

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-l8pcuAQ3-27fV-vRAxjtKO48xYva1zotya-J3A HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-l8pcuAQ3-27fV-vRAxjtKO48xYva1zotya-J3A

Request Chain 134

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kewuHILRpECldGk_-9HOC3BBUupg7pqQ

Request Chain 137

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=FTxFYtET4v5Jb6QL_wH3MhFWzxyZAMj6

Request Chain 141

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=2d4b0037-7a95-410e-a27a-7dd1d6186a10&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=4466957b-7d66-4683-a7e6-7c46c6348e59&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D58dd2eb3eb3e4acc9c27909b842e6351%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=23918325&trafficGroup=knaqe_3c&trafficSubGroup=pbageby&aid=3212283519200684672 HTTP 303
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=58dd2eb3eb3e4acc9c27909b842e6351&tids=15000&med=10

Request Chain 145

https://gum.criteo.com/sid/json?origin=publishertag&domain=wheregoes.com&sn=ChromeSyncframe&so=3&topUrl=wheregoes.com&bundle=Qnp7PV9uNmUyaDB0OURxaWQxY0tzMkFWUXd2NkdJMGZ2cSUyRjVVMDRTaTVoOXR5djZUSmpWJTJGJTJGTkE4eTQ4VXhyZGxmamhubElOUUwlMkIybndvNGF1UEVtb0V3cHpmcGcxeSUyQkhLM0lTYU9mMDhCblpET0dyd0E5UUhmQUlINjlYYzZCMUVCSjBhWkdVUHJ3Yks1SVZjdExIb0tjZTJ3JTNEJTNE&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=3m_dunxwNU5pVDNoN3k2TnBQT0Q2a1JCdlAwQ3ROc2FKOWlpK2tRc3F1M2NrQ1lNTVJKZTBFeGkxUVFORE5HVlprT3kzdS84WGplSHVMRUpSbjQ1Ly9idWRzWVdLOVQ3NDc2dnM5aFI4dWtZdWpmZlB0Vy9lOS9IZStFa3dtMzJPNEtZd0lhM2kvR29UaWpZT09SaVBWMTBSRUg1T3Z4OU9Gc0ZtTzByL3QwYjZjTllLUEdqaU1JWUVyZXpuR3hGaHArVFpGZlJJckVpZm1UQTF2a0JIN3FTcko2cjBibk9lb0JFQXBuRU54dWJKd2l5aHJpeWxsVVFNQ2kzZEgzbHlXTVdjMFEvSjRUOWozSkRZTHZaclo2a1l0ckRJQjNOakhlZFZXSkUxVWJ6MmoxZz18&cppv=2

Request Chain 159

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 165

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=8827646718600857853

Request Chain 166

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=G62vsRZH7n_xfAbuSZaXr-_F

Request Chain 168

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1688400907146 HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=1233661307 HTTP 302
https://sync.1rx.io/usersync/turn/3885511552019901866?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-599ec98c-8779-43cb-a537-ba2174de84e1-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-599ec98c-8779-43cb-a537-ba2174de84e1-003

Request Chain 169

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5144588525540386229

Request Chain 171

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=

Request Chain 172

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-EdFv.spE2uGEdAfaqjdFfBdFGspBJK0T1e7yunM-~A

Request Chain 174

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-EdFv.spE2uGEdAfaqjdFfBdFGspBJK0T1e7yunM-~A

Request Chain 176

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

Request Chain 178

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZKL0CLN8Opt1bxypZZCBpgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL0WA1CM9x_J1Crkg45pMbc&google_cver=1

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZKL0CLN8Opt1bxypZZCBpgAABKEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHGA5YX129pxNRIxrx4JnPY&google_cver=1

Request Chain 182

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8827646718600857853

Request Chain 183

https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329526467073050

Request Chain 189

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=8827646718600857853

Request Chain 190

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_cd44feb0-0a63-4dbc-bee3-e4f6e141c5c5&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2

Request Chain 191

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%286DQkwbCVQfReM8mF_znRjOkiM-OAwI0GsPXTt0kClzm_Z_4vc68uAIYcTbqvnJ9-%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%286DQkwbCVQfReM8mF_znRjOkiM-OAwI0GsPXTt0kClzm_Z_4vc68uAIYcTbqvnJ9-%29%26gdpr%3D0 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_cd44feb0-0a63-4dbc-bee3-e4f6e141c5c5&obuid=ENC(6DQkwbCVQfReM8mF_znRjOkiM-OAwI0GsPXTt0kClzm_Z_4vc68uAIYcTbqvnJ9-)&gdpr=0

Request Chain 192

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=c7380a07-957c-4721-915d-2585a85a008c

Request Chain 194

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-NeG_pPRE2pd2XGrrlgkMLhIncZj51MzMPREC~A

Request Chain 199

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=56d385ae-5d20-4063-bc09-8da9c72ffc5c

Request Chain 200

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=PqLotr85ClUX&ev=1&pid=558355

Request Chain 201

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=6329278882639654901

Request Chain 211

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1

Request Chain 212

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 215

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

Request Chain 216

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526467073050

Request Chain 219

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O5VwGXo-SVS332_FqqQQIA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 221

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3210914529 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0I5NTcwMTktN0EzRS00OTU0LUI3REYtNkZDNUFBQTQxMDIw&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 224

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECkuseUI-f0SU1NM-ARdXYc&google_cver=1

Request Chain 226

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Request Chain 230

https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=5468887545 HTTP 302
https://sync.1rx.io/usersync/turn/4245799522209541546?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-599ec98c-8779-43cb-a537-ba2174de84e1-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-599ec98c-8779-43cb-a537-ba2174de84e1-003

Request Chain 231

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NjMyOTI3ODg4MjYzOTY1NDkwMQ==&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPPXgx8pcYbVsJT9C8ULWuk&gdpr=0&gdpr_consent=&google_cver=1

232 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wheregoes.com/ 17 KB
6 KB 210ms
139ms Document
text/html 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6834ab0603575e588d4525d0962e30905f5f52e07e43c790e11e690802fea479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7e106cc56baf1e0c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 03 Jul 2023 16:15:02 GMT
fastcgi-cache: HIT
link: <https://wheregoes.com/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPF5Xya3PbvCvPID%2FXcOAubpqIsCYFC36aUQiXm0rpm%2Bc68073Q1KI4wexLRPfK5GxX%2B3bjOr5XJx782Y8k%2FktWwbpYla5UEWRKVhLB2iBJYanOw2wS7Smsp7iJqsQ%2B5J%2BC2MX4zfvRYqCRD"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 autoptimize_5f69003b2a86aebf8c5894bb6876876e.css
wheregoes.com/c/cache/autoptimize/css/ 238 KB
85 KB 32ms
31ms Stylesheet
text/css 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2f37a5d48012b60d0912d3469d5d2e1557238e8b91695dbdfa4abf4519aae6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5431783
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 20:53:53 GMT
server: cloudflare
etag: W/"642ddfe1-3b648"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKx1RGZeiNVOxskG2CyDPZiO6zrSd0Fy8JNjoJCN8ALzMqGRW3c%2Bv%2BNOb7gst11INb4rW8jOr4gLSre5Z%2FferdV9ewTJKvsNaJ7UVOtbzSv8RupSbBo%2Bg4NnTOjz0%2B02ld99Gw3jRBM9QR5h"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e106cc65d0b1e0c-FRA
expires: Thu, 04 Apr 2024 20:54:00 GMT

GET
H2 200 jquery.min.js Show response
wheregoes.com/wp-includes/js/jquery/ 88 KB
32 KB 151ms
150ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/jquery/jquery.min.js?ver=202307031678

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 20:53:50 GMT
server: cloudflare
etag: W/"642ddfde-15ed7"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAOm10IvcZrJUSHpbpkkQgJDnk1FVYgI%2BNZ%2FPmSN3%2B91l1st%2BQmO0fNB%2FX2fGjuhbm8%2FoaIQi0SeBczJOZ9vHRcbMbxTmzNT4LbOUVcIeQNJHu866ut4PHUrVO4wspcj39GRbPSN2EewJjeI"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e106cc65d0d1e0c-FRA
expires: Tue, 02 Jul 2024 16:00:03 GMT

GET
H2 200 jquery-migrate.min.js Show response
wheregoes.com/wp-includes/js/jquery/ 13 KB
5 KB 127ms
126ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=202307031678

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 20:53:50 GMT
server: cloudflare
etag: W/"642ddfde-3470"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rbv6mFfzXKTLc527aavh6xjnVkNdh04%2FkpGMZxgW7jrEerFeRGMhMLmwK%2FPa1e%2F1eUbnmTbucYtC8llDwvilVEBq9LmbJD%2FVlx9W%2FtSqnNOMD16dHOD2S1nLcd5Fp6e3fgoRP20OCvbPrMm"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e106cc65d0f1e0c-FRA
expires: Tue, 02 Jul 2024 16:00:03 GMT

GET
H3 200 script.js Show response
wheregoes.com/js/ 1 KB
1 KB 122ms
121ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/js/script.js

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 885
x-cache: EXPIRED
cdn-cachedat: 07/03/2023 15:45:36
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.1.5
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 03 Jul 2023 15:58:17 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v6MGjjF3mw9LpycQ4wkOZOWx6siklFyBxYkH8LkCRTGRFNAxzswMplROXplKF%2BlzqvmuyPc1hNKaymWBoRrALtSCpCAKV3fhnaNMRhoZyJ45wN8zG1Bf6axkd4HDEdbq0ScFuGCwSsQsZ9ex"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, max-age=14400
permissions-policy: interest-cohort=()
cdn-requestid: ee951963cff9ae096881b4c4cdf1db1c
cf-ray: 7e106cc71af89036-FRA
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 init-1144pc80p2fur20uadwq.js Show response
api.fouanalytics.com/api/ 318 B
733 B 256ms
195ms Script
text/javascript 2606:4700:e6::ac40:c626
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c626 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 363acc6dc931889c3a1125686830d84b7734a642957aebe2cde330c154cdf4d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:02 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qABPsxN28d9QNK%2BsGGCja0GNSRnm0LrrnpC8uEoQ%2FXRIrvyHXezS0P9gDQ%2BtgsjJoUnaqTxjxI6HX4RS%2Bn4Um5eQW2d%2BA8cfOvubge4d%2FhvUnIFZiI%2F0Ju%2BXjeNm2U4wgpM%2Bld8mIvjh1L%2F1AhzGNwHT5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7e106cc7bd5d92b9-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 index.js Show response
wheregoes.com/c/p/contact-form-7/includes/swv/js/ 10 KB
3 KB 128ms
126ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/p/contact-form-7/includes/swv/js/index.js?ver=202307031678

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 31 May 2023 14:04:21 GMT
server: cloudflare
etag: W/"647753e5-2801"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yl3Mv%2FFREo7Vt66lg3avxun3hedLFdfRXp%2BTgRQSbeKLfcVP2HSIQ%2BFdWHEs4hM82LyBf0dlrHbQWQMAtEYLbrZxVWs6DnTTje5Q%2BeyrWkcAWj3uU3wV3o3RE1S7%2FlVXsnKmzQQ5JFf8J5QP"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e106cc65d111e0c-FRA
expires: Tue, 02 Jul 2024 16:00:03 GMT

GET
H2 200 index.js Show response
wheregoes.com/c/p/contact-form-7/includes/js/ 13 KB
4 KB 128ms
127ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/p/contact-form-7/includes/js/index.js?ver=202307031678

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 31 May 2023 14:04:21 GMT
server: cloudflare
etag: W/"647753e5-328f"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqmZJhvFPpPGiMmx13ErHmB%2F%2FQIMgYgGALLLJRIL0aO5HLVq%2F%2B9d8eqc0Ad5TGwEQooQtrTlr0D8uYjYrIWY3tcMkdkGa45znbMQQ2TGfDmeBSGaSeyyE95gX8cZnIOr%2F8ZJaw%2FZxGypTMeI"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e106cc65d131e0c-FRA
expires: Tue, 02 Jul 2024 16:00:04 GMT

GET
H2 200 main.js Show response
wheregoes.com/c/themes/custom-theme/dist/js/ 5 KB
2 KB 123ms
122ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/themes/custom-theme/dist/js/main.js?ver=202307031678

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19f4129c1cfc1a9fcb2e94b35853f3d2085c0807564e37971d1ccb6ef2a7e852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Feb 2023 20:32:40 GMT
server: cloudflare
etag: W/"63e55868-1464"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v58eu47HdrPmR5sSEVHrszt7TRPWC3iuC7AyYw4sztKKBuE4yuFn03whoQT4iEK%2B9P7z%2BccP6ocsigYNmO7GQsYAhF4Wil4D0GGL9%2FWfppvI1uyX8Mgl2pOE73IqJDT%2FU24LInsWTx2iWCQO"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e106cc65d151e0c-FRA
expires: Tue, 02 Jul 2024 16:00:04 GMT

GET
H3 200 wp-emoji-release.min.js Show response
wheregoes.com/wp-includes/js/ 18 KB
5 KB 124ms
123ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/wp-emoji-release.min.js?ver=202307031678

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 20:53:50 GMT
server: cloudflare
etag: W/"642ddfde-4904"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GwCywr%2BU7sqHoTnZNUcMcbtXbjoIxQrYGeWxth07XpYPgIpoRLGouzwIPH567TGKVnzd9mtk0wI%2BpP%2B9fqNivsGZ0pDJkN7bd%2B%2Fr7sJw5B6UDCT50SJliXuSxU0yBHfNILJz%2FciGEmQN5IsC"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e106cc75b539036-FRA
expires: Tue, 02 Jul 2024 16:00:04 GMT

GET
H2 200 wheregoes.js Show response
cdn4.buysellads.net/pub/ 474 KB
132 KB 79ms
26ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 062ca10ec916e26ab4051ac393c8a5219654f91886c22da18ac16ef926619573

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
content-encoding: gzip
last-modified: Mon, 03 Jul 2023 16:11:46 GMT
server: AmazonS3
x-amz-request-id: 291RSET56QZCGT2A
etag: "f81f7e328bd2cfbdd55dfe11b97bd240"
x-amz-server-side-encryption: AES256
x-hw: 1688400902.cds255.fr8.hn,1688400902.cds234.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 134608
x-amz-id-2: m56hr6qodTwE4Khr09/xr+8dkripCmlCHb3lCCXJPQ7sSzW5lRwwHcMF8fCj0V/xHVhuJRYqa74=

GET
H3 200 logo-h-blue.svg
wheregoes.com/c/themes/custom-theme/img/ 15 KB
6 KB 29ms
28ms Image
image/svg+xml 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheregoes.com/c/themes/custom-theme/img/logo-h-blue.svg

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 933072
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 11 Apr 2021 19:20:03 GMT
server: cloudflare
etag: W/"60734be3-3afa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gypYfgM65FINVcPYqguM05SathBGiEK0uqk7wHA5two%2BG5ZL49sab2k6sl%2B6RaNpnuiuNjA%2B3jwo3KLXd2St8oE5agC5v3o%2BW6ibRlWeYYZ19GojXKFuql1KNkEo0e%2BVZ9KflSUtxENgMhG%2B"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 7e106cc76b5e9036-FRA
expires: Fri, 09 Feb 2024 21:14:10 GMT

GET
H3 200 wheregoes.woff2
wheregoes.com/c/themes/custom-theme/fonts/ 8 KB
8 KB 27ms
27ms Font
font/woff2 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wheregoes.com/c/themes/custom-theme/fonts/wheregoes.woff2?90359859
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b

Request headers

Referer: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_5f69003b2a86aebf8c5894bb6876876e.css
Origin: https://wheregoes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12421822
alt-svc: h3=":443"; ma=86400
content-length: 8024
last-modified: Fri, 18 Jun 2021 18:52:37 GMT
server: cloudflare
etag: "60cceb75-1f58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrBTTZdDLzqwVhodCsxOqh8tBGABa12MuBt4cY3zz8I9x2BPV%2FX0i3%2FR2S60Awb6SpFSirPL2XGXExAG8F3rXkIWG%2B59yV5bDrxGDx9VRrtbVcJwe%2F0bBqGwkWbOO1iuxND4POpp3XvO3IfQ"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7e106cc76b609036-FRA
expires: Fri, 09 Feb 2024 21:14:10 GMT

POST
H3 202 event Show response
wheregoes.com/api/ 2 B
760 B 265ms
265ms XHR
text/plain 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/api/event

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/js/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 885
cdn-cachedat: 07/03/2023 16:15:02
cdn-pullzone: 682664
application: 10.0.0.3
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: F25nrN9wBVfuPvcaGQ8F
cdn-proxyver: 1.03
cdn-requestpullcode: 202
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wbhxjrhdul5WXKRjLonEBGjSY4GTgjqkb9%2Fgf22B4ol2iL0jitffw0WznoUyf6XXTJtRwoji7asH%2FoV6LxgLVe8FeRxL24yaGdIabMftvOpv5xyE%2FOBSBssYKDnsNHkw0jhgCwWofCuaC6t1"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: f3a77ab6966edca47fe2576a8beb37ee
cf-ray: 7e106cc7ebf59036-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 75 KB
26 KB 153ms
80ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a133236564608313dc4cd491c3d6bf05ce8037f72968ed1518da54d393ec3ab3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26079
x-xss-protection: 0
server: cafe
etag: 602 / 19541 / 31075744 / config-hash: 4433571151520717869
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 03 Jul 2023 16:15:02 GMT

GET
H2 200 pp.js Show response
api.fouanalytics.com/s/ 15 KB
6 KB 28ms
27ms Script
text/javascript 2606:4700:e6::ac40:c626
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/pp.js
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c626 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20d3e3cc1340e218d30035033398ccfe72086801df5dfc6fc53d36ec04965a75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 16 Jun 2023 18:40:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 4415
etag: W/"648cac83-3bd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lV06zWpITNv13miNS1tqHTzb0w2xUHxoJpAVSVtoYiyFU%2FpFf7%2F5TM2XtKgCcW5%2FPDOgcr%2FrFUVxzEPL3sSVnEcy9dhp%2FiZXQ3wwbegmOM6hoffOE%2Bhenxqy%2Bcft3J7iHc%2BGSWpHFGLTcZ2djynsJ06ppw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cf-ray: 7e106cc8eec192b9-FRA
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c72f57881ea9665da29cc614802f61a04084e06b14de9f1d79ce26273e66a991

Request headers

Referer
Origin: https://wheregoes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/ 392 KB
125 KB 79ms
21ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:11:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18229
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127514
x-xss-protection: 0
server: cafe
etag: 13498126467117012333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 02 Jul 2024 11:11:13 GMT

GET
H2 200 CEAIT5QE.json Show response
srv.buysellads.com/ads/ 934 B
693 B 359ms
101ms Fetch
application/json 104.131.3.131
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CEAIT5QE.json?forcebanner=501977&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.131.3.131 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-us-ny-25.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 762dd40c4f33472766ba42adf45bbf82febb52170cd40cf184fa4e173beeafb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
content-encoding: gzip
server: //srv.buysellads.com
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 556

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 356 B
705 B 870ms
781ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwheregoes.com%2F&PageUrl=https%3A%2F%2Fwheregoes.com%2F&PageReferrer=https%3A%2F%2Fwheregoes.com%2F&CanonicalUrl=https%3A%2F%2Fwheregoes.com%2F

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

11854056d48286b01e5bcf2b635e9bc7e6326bbfa21e5126c7ea1ba63068eb66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:03 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 751
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 356
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
361 B 74ms
22ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://wheregoes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 152ms
49ms XHR
text/plain 2a02:2638:3::7
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.43.0&cb=65717520861&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://wheregoes.com
date: Mon, 03 Jul 2023 16:15:02 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 413 B
751 B 276ms
171ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=2&alt_size_ids=55&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=c9542779-ff1f-4ee8-bbd8-f734e7dabf39&l_pb_bid_id=18c3d1d45b2fc9f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&slots=1&rand=0.7385103602480036
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8f245963a9c13cf8bda96cca45e8947de2d01523f68065b5e962a2a82fff586b

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:03 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 413
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 4 KB
3 KB 310ms
206ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=69104e3d-7b2e-48c6-be9d-8c5c0cbc1d50&l_pb_bid_id=190674757e9a91&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&slots=1&rand=0.09972274895111655
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: efaed253f4365f956cbece72f62502666c04d92e03f6050d3192b0e0c597cf85

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:03 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 422 B
931 B 266ms
162ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&tk_flint=pbjs_lite_v7.43.0&x_source.tid=c7b41088-942f-41b8-be71-2fc874e0c340&l_pb_bid_id=208c059c9340bec&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&slots=1&rand=0.5339112487387738
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 04aaf475011c4693ea16226034cd4cc394ed1dbe6bbd5d01547f5a2bb18bcc1c

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:03 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 422
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 13 KB
7 KB 298ms
230ms XHR
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3ffdb4dd35b8047f89586c3e9a43992373e95a00625144e7327ccf67ebda1379

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Jul 2023 16:15:03 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 43b9959e-954b-472c-8b82-eec1804b584d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://wheregoes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 178ms
128ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: a886406853ae917e4a665ca68763e1eb4d794d87ca59c050979c8be8a8331b1d

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:03 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://wheregoes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 03 Jul 2023 16:15:02 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
400 B 117ms
41ms XHR
application/json 216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.43.0
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: b81c3c9e81cc2494394424db2bda6a98d5251e6e705b4d65112e2cc67f61004f

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 03 Jul 2023 16:15:02 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://wheregoes.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

POST
H2 200 adreq Show response
ads.servenobid.com/ 2 KB
857 B 447ms
342ms XHR
application/json 52.48.248.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=3101
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.248.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 67da2113f958c94d2970d06bdfec32194fd6879fc938ffb4fc23f8ae306016e9

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
878 B 81ms
21ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 03 Jul 2023 16:15:02 GMT
x-content-type-options: nosniff
content-encoding: br
age: 17714
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
x-served-by: cache-fra-eddf8230070-FRA
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 102 KB
25 KB 91ms
33ms Script
text/javascript 2606:4700:10::6816:3456
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 22 Jun 2023 08:35:03 GMT
server: cloudflare
x-amz-request-id: 1WTS3PXJ3PW0DRYQ
age: 1193
etag: W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7e106ccb6ac49296-FRA
x-amz-id-2: b6msF3rN/zhF2drF/ZyVJ/eaOX6n6q7WjUHiW7fgtpM7i2lpEc/zln9UFz7xrVPSz52wpUIlNcU=

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 169ms
79ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jun 2023 05:28:55 GMT
server: nginx
etag: W/"649d1697-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:02 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 38 KB
12 KB 105ms
34ms Script
text/javascript 18.155.129.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.129.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-129-21.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 03:04:08 GMT
content-encoding: gzip
via: 1.1 7942de46d7f690659dee238fe5cd2d32.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 20:34:33 GMT
server: AmazonS3
x-amz-cf-pop: CDG52-P4
age: 47455
x-amz-server-side-encryption: AES256
etag: W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: ODuFlbd5vM4820W0AmbGu67GPCx6FnWwMnhZa4H81Qs9SPsPIMkv4w==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 133ms
33ms Script
text/javascript 2600:9000:225b:2200:a:e047:753:be1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:2200:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id: null
Date: Mon, 03 Jul 2023 05:58:56 GMT
Via: 1.1 66ce4848bcf993e3c57b596461cd0b82.cloudfront.net (CloudFront)
Last-Modified: Thu, 04 May 2023 00:14:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC50-P1
Age: 38507
x-amz-server-side-encryption: AES256
ETag: "4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1858
X-Amz-Cf-Id: O-9gA3NXmD8yMtR4LPb3n_XRlBnDO_CEyLRnLpqv-09qSgMffF8Yzg==

POST
H3 200 x
api.fouanalytics.com/api/ 0
455 B 206ms
205ms Ping
text/plain 2606:4700:e6::ac40:c626
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e6::ac40:c626 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1a2y7mw5bFh54Egl%2F5ErjEMetloCw4s2U3A%2B1ka%2FM%2Fg2mIOXSG6S6GRqQCKROeU7jh4%2BueXet%2FHJyiHzBnyDNgjfLueTSjqVai8cf%2FSMPLyImRDRpxy6U%2FlsHqD3LsIa1v0gDK5%2FiM0uLbOcKoDL4PvEig%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 7e106ccb1ae230cf-FRA
alt-svc: h3=":443"; ma=86400
priority: u=4,i

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
322 B 120ms
47ms XHR
text/plain 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://wheregoes.com
date: Mon, 03 Jul 2023 16:15:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
332 B 137ms
42ms XHR
application/json 54.76.0.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.0.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-0-125.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 465b2b9dbe62446b05480b0e71f9ccb3f36a86e30c83480f93c9d0ecc6200e2b

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:03 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache
x-server: 10.45.16.38
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 79BE 15 KB
6 KB 138ms
38ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=wheregoes.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 16:15:02 GMT
server: Kestrel
server-processing-duration-in-ticks: 424789
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame 79BE
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=wheregoes.com&sn=ChromeSyncframe&so=0&topUrl=wheregoes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=kftGD3xObm9IMGZuSjMwcHBGRm5xU1htd29EK3pJdDRyd05scU4yL21EU0dWSFJSVlFXRGFoL1lFWUtwNytmbjlEdlN4YVNMM0dRdXowdnFGa0QwM2hIalIxZzFVVnpyNXpDMDVtZGV2aXl0NklNdjZVMTlvbjNmV2RhT0...

433 B
656 B

137ms
28ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=kftGD3xObm9IMGZuSjMwcHBGRm5xU1htd29EK3pJdDRyd05scU4yL21EU0dWSFJSVlFXRGFoL1lFWUtwNytmbjlEdlN4YVNMM0dRdXowdnFGa0QwM2hIalIxZzFVVnpyNXpDMDVtZGV2aXl0NklNdjZVMTlvbjNmV2RhT0FRRnkzemVaa2FOalVHcGpUMFViQm9xYUNWdElWMXVUai9mT0o1bWwvanFMSDk3OUtNNkI4dmNSUExnU3ZvQkpYOGs3ME0xM2N4cXhWUDRDTXQvdlhZMzdYR05sckxkRTV5OWd1QzVBWTZKZndlbWRwampISkFyNldrZ2paK0lwdGx1emluVW1ILzlpSVRaTGVVbE15RnRWc3RCbXQwUT09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4b0af8fafe78654721c523dd1ab1f0a864d7a4c63912347e45e7e138e345958d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:02 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1545334
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=kftGD3xObm9IMGZuSjMwcHBGRm5xU1htd29EK3pJdDRyd05scU4yL21EU0dWSFJSVlFXRGFoL1lFWUtwNytmbjlEdlN4YVNMM0dRdXowdnFGa0QwM2hIalIxZzFVVnpyNXpDMDVtZGV2aXl0NklNdjZVMTlvbjNmV2RhT0FRRnkzemVaa2FOalVHcGpUMFViQm9xYUNWdElWMXVUai9mT0o1bWwvanFMSDk3OUtNNkI4dmNSUExnU3ZvQkpYOGs3ME0xM2N4cXhWUDRDTXQvdlhZMzdYR05sckxkRTV5OWd1QzVBWTZKZndlbWRwampISkFyNldrZ2paK0lwdGx1emluVW1ILzlpSVRaTGVVbE15RnRWc3RCbXQwUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 232066
content-length: 0
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 303ms
30ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wheregoes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 122 KB
27 KB 122ms
121ms XHR
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=56907534514127&correlator=2494358174315157&eid=31074947%2C31075744%2C31075761%2C31075594%2C31075338%2C31075340&output=ldjh&gdfp_req=1&vrg=202306280101&ptt=17&impl=fifs&iu_parts=8691100%2CWheregoes_S2S_Leaderboard_ATF_ROS%2CWheregoes_S2S_Sidebar_ROS_Pos1%2CWheregoes_S2S_Sticky_Sidebar_ROS_Pos2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%7C120x600%7C160x600%7C300x600&ifi=1&adks=1696759606%2C2861055222%2C3809685794&sfv=1-0-40&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1641228026595-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_creative%3D381846714%26hb_adid%3D46d60dfd288031%26hb_bidder%3Dappnexus%26_bd%3Dbid%26_pl%3D0.01%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.01%26hb_adid_appnexus%3D46d60dfd288031%26hb_bidder_appnexus%3Dappnexus%7Coptimize_ad_unit_id%3Dbsa-zone_1641228120494-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D300x250%26hb_pb%3D0.01%26hb_creative%3D2149%253A11312666%26hb_adid%3D4843ebb4f94b262%26hb_bidder%3Drubicon%26_bd%3Dbid%26_pl%3D0.01%26hb_size_rubicon%3D300x250%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D4843ebb4f94b262%26hb_bidder_rubicon%3Drubicon%7Coptimize_ad_unit_id%3Dbsa-zone_1641318529900-6_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dwheregoes%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1688400903752&lmt=1688400903&dlt=1688400902121&idt=700&adxs=436%2C1091%2C1091&adys=374%2C600%2C884&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwheregoes.com%2F&frm=20&vis=1&psz=728x267%7C300x1623%7C300x1623&msz=728x90%7C300x250%7C300x600&fws=516%2C0%2C512&ohw=728%2C0%2C0&ga_vid=726155918.1688400904&ga_sid=1688400904&ga_hid=1930938380&ga_fc=false&a3p=EhwKDWNyd2RjbnRybC5uZXQY4_Wk5JExSABSAghkEhkKCnB1YmNpZC5vcmcYuPak5JExSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOP1pOSRMUgAUgIIZBIZCgp1aWRhcGkuY29tGOP1pOSRMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Yyfek5JExSABSAghq

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af63107eccd5b95330077e53051d50509f31a48354a384488c3cb78798013583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27442
x-xss-protection: 0
google-lineitem-id: 5936457971,5936457971,5324395187
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138383349307,138383349301,138305885717
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 328ms
72ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306280101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e40dd8af07ff517d9b4794e5440ea146fdd14732d472573e2f23e7a540c1a5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11395
x-xss-protection: 0

GET
H2 200 container.html Show response
7769e2148a7769880b77ea1600c416af.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 523E 6 KB
3 KB 280ms
29ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7769e2148a7769880b77ea1600c416af.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 16:15:04 GMT
expires: Tue, 02 Jul 2024 16:15:04 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 78EA 0
0 68ms
63ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssczWSn_Jm1Toeydth3PZ2VVizLxbJALp8TO7d5nUiju2ntMRu80zMeW5k_zBIwKxIAxRbVlDV1qvijHVbu5D2lpdKtll5EfNqmhwjB1gLaHmhRPbCJybx2jOfEGbZSmQq6i8uqKS8kRjHqIEedYG6WHYG4yE-kq0LvwPhsBhE1v4sk38cnmv55I9gzQUy8pMzIQB8LYZBGb9Uz7lT5tFLDXO8NoFtwkkhp98SlYDovRFA4_cBdgMiY4xlCcjl-bWIKovmhB8bER48ipvnmTNfLTuc0nneAEIdcJfZHRyBmJuAJlaJ0EOgjqLZnl1pNUXM56wnLzYBh7yLjmHo_WqyVgCmAXsquOnVJ&sai=AMfl-YSlQtl-wPXjV-wYsKSVL_atDgPaPBg7fDNf6OHZoY8W4yTNgUPoSHe6A-Smi-yu6qnSTF7gUSobacZhm8X9ess3WKMqQ1GgD0dbwVRtp3Juzy3wkZuaJFzs5GDYbA1-R-GrZMIIkhA5dvqtY5_n&sig=Cg0ArKJSzCF3xS4gns9pEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Jul 2023 16:15:03 GMT

GET
H2 200 prebid-universal-creative.js Show response
cdn4.buysellads.net/pub/ Frame 78EA 26 KB
9 KB 31ms
24ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 5e2cd92b9a992454225e3c1722d0ce8013d769ae793fabe276704c908e6055a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
content-encoding: gzip
last-modified: Fri, 30 Jun 2023 22:01:16 GMT
server: AmazonS3
x-amz-request-id: Y11F29SXMNVMJ2A5
etag: "feac0fe490e5884e95f7a7cb7b7673ed"
x-amz-server-side-encryption: AES256
x-hw: 1688400903.cds255.fr8.hn,1688400903.cds248.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 8889
x-amz-id-2: EoP5OAVar0f6SkZsF+JKW56rGcwm//ULIg8exN6yFUaRIcYVL2VxHIGJM3nNdHRdN/qLji7zfvs=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78EA 179 KB
56 KB 41ms
34ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 16:15:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AB97 0
0 61ms
60ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAQZxUzQt1uKq5qmuKawPktLsDIxNsWBDD9Wlwxz5Je5Nh6IXH93w9ZHVOQhN92tbbh0ixbFpYB6C18vInUrTPqZW7z40-Feb9paFDUocU4gbGEGg1ZdYl_GR8dI9hAHevYNKjyFauZ-VbyuvK6Y5Y-OnoPf68_-CmZ8L6mjUcyHI_O4LMbpV7FDwHJKF-xtHdcC_n7KUixADbDQyMR3wt4xHCxuibX6ibWp7ZxOuOJEEc5VVLd9YqfPWJAW5BZzR3x9aEr0bw9GlW9KK-WHuRWROJaefQQv31WsWeOjbpg16L2iHebxL9tYSRbGy-MIlathG1-XysLmRfNo1tKBa8ByMbCYb7&sai=AMfl-YS7k6lJdUtw6g-4HaJUSMfmG0DvJHRG-brt0fuHzuvRCqf-Msira3TOPdmXJMJB4W8x6GD5cpXmzH4b9MvIpc7UmXM6fFb988RDQ8CYfqxPi_kGydmOYMnBWU2OVgjaw0xkwbSA7sCRfiFDWTwR&sig=Cg0ArKJSzNXudGB-2DvLEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Jul 2023 16:15:03 GMT

GET
H2 200 prebid-universal-creative.js Show response
cdn4.buysellads.net/pub/ Frame AB97 26 KB
9 KB 26ms
25ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/prebid-universal-creative.js?1.13.0
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: 5e2cd92b9a992454225e3c1722d0ce8013d769ae793fabe276704c908e6055a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
content-encoding: gzip
last-modified: Fri, 30 Jun 2023 22:01:16 GMT
server: AmazonS3
x-amz-request-id: Y11F29SXMNVMJ2A5
etag: "feac0fe490e5884e95f7a7cb7b7673ed"
x-amz-server-side-encryption: AES256
x-hw: 1688400903.cds255.fr8.hn,1688400903.cds248.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
accept-ranges: bytes
content-length: 8889
x-amz-id-2: EoP5OAVar0f6SkZsF+JKW56rGcwm//ULIg8exN6yFUaRIcYVL2VxHIGJM3nNdHRdN/qLji7zfvs=

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB97 179 KB
56 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 16:15:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C31 0
0 71ms
68ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYy_wfn_liuuSUnjR64QZWUJbREmz5Ey_MdLQrvJjWadS_S95mDrIT2yAmBO--LypieFquCgUUFT_CHswBqKo2oU9681xPcJKLSz9CdTiqBC_vjSKvgd3YnLPgeVa3TCcfT_h36JxmSeprLa2OIzGqgUHozipjiWYdhiRsdiax-bTzE8h2AF3d_2CbDhJVXOFH3hVK4zrLQbnqoysBb-s8NudD6Hrf-a1JLoEyHnPRHBO7T11ZoYdW0NcPYe4_jZbYY4plgVCTq386aV7IpBjdO3ByBSXidI6TOWVEVrEJkp90IeRl2fj2NbL4Dna2fC5asLeiQ08JgDq2Ih4HDOtKA-JcUlXcLFBQ3dw&sai=AMfl-YR6u9iqqJ1FKLOs2K9zojLV9gGxSqcC7chnQ35GKCVOWM9-4gGQMbsGqYdUhXAX6H1dQhsqk7y9g5aKE9AR9V_TyvMANpkf0VyJUAWDMq-FR_Q-Fv5eLTjSrvgua4Nwy1YjirWyB9KURyd9X_iV&sig=Cg0ArKJSzOQ0F2jdOxEGEAE&uach_m=[UACH]&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Jul 2023 16:15:03 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 1C31 23 KB
9 KB 106ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sun, 02 Jul 2023 18:04:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9104
x-xss-protection: 0
server: cafe
etag: 12939045362079141464
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Jul 2023 18:04:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1C31 3 KB
1 KB 109ms
25ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 11:24:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 17 Jul 2023 11:24:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C31 179 KB
56 KB 68ms
64ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57260
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1687952195399670"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 03 Jul 2023 16:15:03 GMT

GET
H2 200 9435140927320421974
tpc.googlesyndication.com/simgad/ Frame 1C31 92 KB
92 KB 108ms
26ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9435140927320421974

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de8279221cec92147e41e962754da2e9667fe862dc94f192566fa7bec3d11f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 29 Jun 2023 10:50:06 GMT
x-content-type-options: nosniff
age: 365098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93765
x-xss-protection: 0
last-modified: Tue, 10 Mar 2020 20:30:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 28 Jun 2024 10:50:06 GMT

GET
DATA 200
OK truncated
/ Frame 1C31 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38a2237a984134eb2074dfd2f178119e22b880a8785f6aae49e158f2eba34c5c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame 78EA 13 KB
6 KB 141ms
24ms Script
application/javascript 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b67420924b61c974171ee199c51d6be942e783c61f0c197f79abeb78bc143fa3

Request headers

Referer: https://wheregoes.com/
Origin: https://wheregoes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 03 Jul 2023 16:15:04 GMT
content-encoding: br
last-modified: Mon, 03 Jul 2023 14:08:05 GMT
vary: Accept-Encoding
x-azure-ref: 20230703T161504Z-7e7fagxwa94wm3k292wrgzfe7w000000025g00000000n7u9
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c2fb5c04-201e-0089-42b7-ad4ef8000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H2

200

c.gif
www.bing.com/aes/ Frame 78EA
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=2d4b0037-7a95-410e-a27a-7dd1d6186a10&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=4466957b-7d66-4683-a7e6-7c46c6348e59&rlin...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=58dd2eb3eb3e4acc9c27909b842e6351&SNR=1&GV=2&med=10

0
525 B

75ms
70ms

Image
text/plain

2a02:26f0:480:22::1726:62db
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=58dd2eb3eb3e4acc9c27909b842e6351&SNR=1&GV=2&med=10
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/
Protocol: H2
Server: 2a02:26f0:480:22::1726:62db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 39BD87936A8545FBA36DA52E06B30D1D Ref B: FRA31EDGE0219 Ref C: 2023-07-03T16:15:04Z
x-cdn-traceid: 0.1bd53e17.1688400904.17225641
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 03 Jul 2023 16:15:04 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1BDF06DAE76442DAB7E5750B56722A58 Ref B: VIEEDGE2514 Ref C: 2023-07-03T16:15:04Z
x-cdn-traceid: 0.1bd53e17.1688400904.1722558f
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=58dd2eb3eb3e4acc9c27909b842e6351&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/236/ Frame 78EA 80 KB
27 KB 142ms
31ms Script
application/x-javascript 23.32.184.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/236/trk.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-184-180.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 107056ea90d27efb0e0266bf5cd1ae3b8257f1585851bda2a3201171b88bbab8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 16:15:04 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Jun 2023 12:59:52 GMT
Server: AkamaiNetStorage
ETag: "f0bafecba1d02c9fef00dbbaa8ee7f04:1686833992.592773"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27646
Expires: Tue, 02 Jul 2024 16:15:04 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 78EA 0
934 B 94ms
21ms Image
text/html 37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwheregoes.com%252F&e=wqT_3QL7Buh7AwAAAwDWAAUBCIboi6UGEIDVsf712pTKLBgAKjYJ96BIv3qYij8RhDK4NQ5EiT8ZAAAAgOtR4D8hhA0SACkRJNAxAAAA4FG4nj8w9e2zCzjKQUC1XkjjA1C6iYq2AViY1VJgAGiR92t42NcFgAEBigEDVVNEkgUG8FiYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKf8D_qAhZodHRwczovL3doZXJlZ29lcy5jb20vgAMAiAMBkAMAmAMXoAMBqgOEAwqaAhUsHHd3LmJpbmcuASvwYWFwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTQ0NjY5NTdiLTdkNjYtNDY4My1hN2U2LTdjNDZjNjM0OGU1OSZjbUV4cElkPUxWMyZvQWRVHUVUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOkloAuHJ0eXBlPW51cmwmdGFnSWQ9MjM5MTgzMjUmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0PgFwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMzIxMjI4MzUxOTIwMDY4NDY3MiIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE13TVRNME9UWTROemc0T1RRak1qTXpORGd4TWprME1UZ3dNVFExT0E9PcADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMjSoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcvijdDM6LDhO8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAABUEZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB9jXBdIHDQkRKAEmDNoHBggFCWjgBwDqBwIIAPAHkfgBiggCEACVCAAAgD-YCAE.&s=9a4a2df03f142ff135583d48a4ddf1cbb0f86359

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:04 GMT
AN-X-Request-Uuid: af5cdddb-3a87-4018-97ac-f77d9b39c228
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 20AD 185 KB
56 KB 272ms
130ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d1f49ff32bb0a337c0ee4586abb29e10eeff04540357dfdd5c33dd3d13089ef9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 16:15:03 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=IHKWa6ofaZTlGES0fVmtRl23dR9cLnfGYEdukUHcgHnARsV-Q2E-aLdSd94eRkvH1Mj2pBWkdoeGzSFAwJx-XnFaqlNhbxXGsKKcqB9we07J6jJT4ZpMrZLjWrKAhJ9sJQFYH_8DxeBooTnU_cNo9oUPFNzriA36I5sl5hy8tPZi9_K8U5jHoeLDLsU2Ri2DKnCG1-VyyNgaUnONG3h0sqkxIBlNAvmXiTGHqZPt8SwBJvIDNFGQY9J5Fq2wlZQ6ZvXM4r17GgKdV_ha"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 80210907
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 12CF 281 B
554 B 94ms
31ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jul 2023 16:15:04 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 fdedb014-77fc-4bbb-b15e-fc51c5739329
beacon-ams3.rubiconproject.com/beacon/d/ Frame AB97 43 B
227 B 175ms
28ms Image
image/avif 2602:803:c003:200::77
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://beacon-ams3.rubiconproject.com/beacon/d/fdedb014-77fc-4bbb-b15e-fc51c5739329?oo=0&accountId=18812&siteId=405332&zoneId=2271886&sizeId=15&e=6A1E40E384DA563BBE95F5FA80845F7C04C5FF30C1AE58334D3B97915F862795287A629A88143CF196BE559B0C1D1BAEB8B520C669668569785D96A0666E7C76524A6FC589153873E12BB6BA04C926BC3090C0F91BA1AA1AE5726302E52DA4EACC7F4424602DEA511BF4CCACA6D226C53AD2390161DC8C5BE7CB00115943F85071EB4A0B18BAE4F37AB42749A9900C4176E2475265EB5084BCF8DE339737AB23134F30FAAFC04CEA0AE98B7BFADDFE5C192E632EF3420FA9498E2E0AC3711B78C5C19F9F1493D2E35B2C02D47D37AA8B19837C274BD62AB1DBD83687C91251307415882535ECF3F2546E6B8A8686E00F169E088E54E7BE19989A14C03389924F2738DF4A85CA779E3979D7DC81349D546A1BBD8F676963DB2473009ED46BFB84AA1FF5D360379CC432D118308791AE0F2DBAD235FEFAB8C5EC0F9BC7D164788A996824081EDED3E12957700E966B34A90979291EB400EC577A72E64C960E384EA3F1107984D545EF8B4929F9BEDD40F763EEC0A74EE131E72B5B81A75A9CAFB333AA184EADD0343D16339496391FEBC124A8C20E5AB189AD874CF08E8A19C820FF44BE0E39AE9E1BD642A1511EB7CF95C8C79B183C4AF6EE173B65EAE687F508F9725597218C8F6727A670117EFB3C82DDAEEDE3E06D9CF69EB03030CFDD751555327073AFDA12E63042D14C5578B33D0A4C48F1E9A8ADBCFC34AC055BE2EF8A63139C9DD1BC9C9D6B4439C02F7279A7931739D6288A18A96D147B3D8BA22341A94E58253E673EB711A4F06FC44DC1E04D5DC964E506C7678422AF6EB20E3E046363FF2F73B8134493A3708AA9676DF11BB9CE698CA543726C7752D6D2110C036BA0B49858E665B175950DC69C162537F0C47DFEEE86B0A2B9528B48A301834D6BE341C061A9F32E33E7C4F0A83682F9DA8E313406DA274FF544B24B6AB50DA4BB712F2EF9D0F8D4ECD0522EEC8991F65EC8E64DB25F9E18B8E075182C0C0A451B6F54DB9F26413DC34A4D9352448A2A5D889C4AC4288A4424021E7DFC61A4A3886E84323C9245006609A6B4962235AD3849134E9FB8E816ADAC051963742E89A73301C49540A51FB138E4A709303774DF1E94966B16B3BEE40A4FB82792E0E0F9DBF3A11948960C69A8906358651F339739991F065EF709402E2ECFC70A7060AA1C7B2497EEBE7DD36DABE119AE87D3DE34EB0F3147FE33C77780B83A72427A

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2602:803:c003:200::77 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),

Reverse DNS

Software

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:03 GMT
x-content-type-options: nosniff
x-frame-options: DENY
content-type: image/avif
cache-control: private, max-age=0, no-cache
content-length: 43
x-xss-protection: 1; mode=block
expires: 01 Jan 1970 10:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame AB97 0
0 118ms
64ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjkVhaM7iOSQkDcMuwkS7zhCPq75EIbc38f16X3KLplTw9ushPKWjX_OlUnXoc0zTHsaROcxV_bL2Axm46srqHS0wp625uhPnXIW779XFW9dh1Sp60j_1fa7_VuzZQuvIg5sfaCG66HOis5V2-W1aA3L1UiPBa34fWvYrWh8odSd6kR05UrltgCp4x1NZN2ngo-EXY-6jGJY1OvAMf1n7HK1SFuhZpKsRKPjir4UGOS1WeL8-YysKIDDge4BYdn4vfSd5JDiSCMORYu8YvbA-Qif0m1x5mvrM1oZhPZM6nMoyli2z8w2TXMSU7Q0SiUaf4viry2cHKAPR2FqRgDeNk6VJyYrmdGAc&sai=AMfl-YTAEyIxPZKLU16qCSTPc46m8mXBWobaG4_S4Bzx67YX7y53fwd9pCN-hKwqnbWYduFZJ-E2lbCW6HQWeYlbY1OQjiFHWQlWBqgzdq_RNOZbkEhMDG4UzvVq1L5Yb2Dy_YDM211Jp6LLN2Bhdz2X&sig=Cg0ArKJSzE4MWiDVf7V6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Jul 2023 16:15:04 GMT

GET
DATA 200
OK truncated
/ Frame AB97 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77b750f26652131965a758b5fc086e432c25fc09e7438354c1a10a7439b2be97

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306280101/pubads_impl.js?cb=31075744

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 03 Jul 2023 16:15:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1C31 0
0 63ms
62ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuig75_LQ99c-I70MclJV8Tg1XaI8OCM9uw07pjF2Lb2G_9j5yVPmM2wtwFXUViViUf7XZguA9RSa5U8DSKeE6tmPfVuDoz6HQwh13j3BvEa5ENLLQYbrA8jRkX5ySk2ecWnL41LiNel2Rqyk0zQQzbZcxzHICnBQv4rflnIY7gYOPTUfSnBmxg2ZsNLC6_0w7Uw-tPuksCWShkrfxDdLbE2EYcFlNK_pldFBEdX-OQhI4io_uSTEWBoHVmVaSIu_NVCZHxQjZp68mnFt4x3RbT17KKX2CBsL4od_5TLGqex7NTYWDzTskUMd9BlIL6_JES6fNJ5WfJYLV7dN8fAjXuH_Q2juVEc9FSgVwyiw&sai=AMfl-YRnJhB6gtmDemP5WjD6ixgx_nz1ippb5ND8tGSU0RYBYZ5RUuthTnZhPbyYLnRqt5iK8xpADqJ3zOsJbI3u6oBArikrzh67Dk__TNvsAlyw61ihdq5WHC29tycL6cOcvVLp5eET4pnTPv2F4oXO&sig=Cg0ArKJSzBwLwNW1jS-yEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Jul 2023 16:15:04 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 12CF 34 KB
10 KB 24ms
23ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 63da5a8ef44c8b56cf1dd58484d8b15bfc77dbfdaccbf7dd43ef48c1a7dcde49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 16:15:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Jul 2023 14:48:30 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81238
Connection: keep-alive
Content-Length: 10113
Expires: Tue, 04 Jul 2023 14:49:02 GMT

GET
H2 200 5b95a00dbc73020dd9b9.js Show response
adsdkprod.azureedge.net/native-to-display/ Frame 78EA 60 KB
24 KB 104ms
48ms Script
application/javascript 2620:1ec:46::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdkprod.azureedge.net/native-to-display/5b95a00dbc73020dd9b9.js
Requested by: Host: adsdk.microsoft.com
URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d7ae309588831dec5a834a07283f67edf76959582ca86e10fdcd5943679f708a

Request headers

Referer: https://wheregoes.com/
Origin: https://wheregoes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 03 Jul 2023 16:15:04 GMT
content-encoding: br
last-modified: Mon, 03 Jul 2023 14:08:05 GMT
vary: Accept-Encoding
x-azure-ref: 20230703T161504Z-ra9ff5yqmt78v9nmrfrsrsc6t000000001hg0000000019ne
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: fefaaef2-e01e-0045-65b7-ad3ea5000000
cache-control: private, max-age=3600
x-cache: TCP_HIT
x-ms-version: 2009-09-19

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 78EA 0
934 B 33ms
32ms Script
text/html 37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwheregoes.com%2F&e=wqT_3QL3A-j3AQAAAwDWAAUBCIboi6UGEIDVsf712pTKLBgAKjYJ96BIv3qYij8RhDK4NQ5EiT8ZAAAAgOtR4D8hhA0SACkRJNAxAAAA4FG4nj8w9e2zCzjKQUC1XkjjA1C6iYq2AViY1VJgAGiR92t42NcFgAEBigEDVVNEkgUG9BcBmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgAp_wP-oCFmh0dHBzOi8vd2hlcmVnb2VzLmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjIxNy4xMTQuMjE4LjI0qAQAsgQPCAAQARjYBSBaKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXL4o3QzOiw4TvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AUA-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAABE5AQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfY1wXSBw0JASIBAQEmDNoHBggFCWjgBwDqBwIIAPAHkfgBiggCEACVCAAAgD-YCAE.&s=258bb496994c125d02abe88ba845e3e226e36d27&bdref=https%3A%2F%2Fwheregoes.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwheregoes.com%2F,https%3A%2F%2Fwheregoes.com%2F&

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:04 GMT
AN-X-Request-Uuid: 6ffbcdd0-5727-4faf-9366-934232135546
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8ADD 13 KB
5 KB 24ms
22ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 14:56:22 GMT
expires: Tue, 02 Jul 2024 14:56:22 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4C5D 783 B
1 KB 85ms
31ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

76b8ed683e327426be09166ef349531980231f8e8960cbc2258737f24c112127

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lCliAq3D74sI5bNS5E0xHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-lCliAq3D74sI5bNS5E0xHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 16:15:04 GMT
expires: Mon, 03 Jul 2023 16:15:04 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 78EA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9965821386af88179fa401ee1d17fc6889c6379d80a9be2aa0257d44d9b745d4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 78EA 0
954 B 25ms
23ms Ping
text/html 37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwheregoes.com%2F&e=wqT_3QL7Buh7AwAAAwDWAAUBCIboi6UGEIDVsf712pTKLBgAKjYJ96BIv3qYij8RhDK4NQ5EiT8ZAAAAgOtR4D8hhA0SACkRJNAxAAAA4FG4nj8w9e2zCzjKQUC1XkjjA1C6iYq2AViY1VJgAGiR92t42NcFgAEBigEDVVNEkgUG8FiYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKf8D_qAhZodHRwczovL3doZXJlZ29lcy5jb20vgAMAiAMBkAMAmAMXoAMBqgOEAwqaAhUsHHd3LmJpbmcuASvwYWFwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTQ0NjY5NTdiLTdkNjYtNDY4My1hN2U2LTdjNDZjNjM0OGU1OSZjbUV4cElkPUxWMyZvQWRVHUVUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOkloAuHJ0eXBlPW51cmwmdGFnSWQ9MjM5MTgzMjUmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0PgFwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMzIxMjI4MzUxOTIwMDY4NDY3MiIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE13TVRNME9UWTROemc0T1RRak1qTXpORGd4TWprME1UZ3dNVFExT0E9PcADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMjSoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcvijdDM6LDhO8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAABUEZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB9jXBdIHDQkRKAEmDNoHBggFCWjgBwDqBwIIAPAHkfgBiggCEACVCAAAgD-YCAE.&s=9a4a2df03f142ff135583d48a4ddf1cbb0f86359&type=nv&nvt=5&jm=1003&px=436&py=374&bw=728&bh=90&sid=8962473871195820097&vd=ct~0|rr~0&sv=236&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23918325&sw=1600&sh=1200&pw=1600&ph=2832&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/236/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:04 GMT
AN-X-Request-Uuid: 5af3468c-52a6-406c-9d2e-9adf529b61b3
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://wheregoes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 12CF
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWE1ZTQyNTZlNmZiZjFjMmEwZDU0MDIyZDVlMWFjZTNkZWQwMDczYg

170 B
243 B

36ms
35ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWE1ZTQyNTZlNmZiZjFjMmEwZDU0MDIyZDVlMWFjZTNkZWQwMDczYg

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NWE1ZTQyNTZlNmZiZjFjMmEwZDU0MDIyZDVlMWFjZTNkZWQwMDczYg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 12CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHMk5DhXrkQCcbbDpzip9wM&google_cver=1

0
239 B

109ms
33ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHMk5DhXrkQCcbbDpzip9wM&google_cver=1
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHMk5DhXrkQCcbbDpzip9wM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 12CF 70 B
265 B 143ms
44ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 03 Jul 2023 16:15:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 12CF
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJN2AYJ7-1O-357I

0
650 B

179ms
123ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJN2AYJ7-1O-357I
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 79AA833428F243F79B63C1E3120CFC4C Ref B: DUS30EDGE0421 Ref C: 2023-07-03T16:15:04Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/l3gnuNUZ5wZsXSfS/A==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LJN2AYJ7-1O-357I
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 12CF
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=UsJD81-2SNevZE02K6Wbiw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UsJD81-2SNevZE02K6Wbiw

43 B
479 B

113ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UsJD81-2SNevZE02K6Wbiw

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: A73WE3FXSZ316AM1H35Z
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=UsJD81-2SNevZE02K6Wbiw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 12CF
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/Az-AQFrbxuurPNTQokWVksn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VHD8iNZE2oJ75utF55IIkhneSI4RgIG7LoOKUg--~A

0
239 B

22ms
22ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VHD8iNZE2oJ75utF55IIkhneSI4RgIG7LoOKUg--~A
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-VHD8iNZE2oJ75utF55IIkhneSI4RgIG7LoOKUg--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 12CF
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEpOMkFZSjctMU8tMzU3SQ==
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENUwp0fI1D0dZ13SZ9T3ko4&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpOMkFZSjctMU8tMzU3SQ==&google_push=

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpOMkFZSjctMU8tMzU3SQ==&google_push=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:04 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEpOMkFZSjctMU8tMzU3SQ==&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
Expires: 0

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 12CF
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=bSs6jiaUR-6SyX2SE1n9_g&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=bSs6jiaUR-6SyX2SE1n9_g

43 B
720 B

131ms
130ms

Image
image/gif

67.220.228.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=bSs6jiaUR-6SyX2SE1n9_g

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/

Protocol

HTTP/1.1

Server

67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:04 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QK30KYQM6C4QW4STKZWM
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=bSs6jiaUR-6SyX2SE1n9_g
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 20AD 2 KB
1 KB 33ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Jun 2024 16:15:04 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 20AD 2 KB
1 KB 34ms
34ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Jun 2024 16:15:04 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 20AD 308 B
636 B 34ms
33ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 27 Jun 2024 16:15:04 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 20AD 293 B
621 B 33ms
32ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 27 Jun 2024 16:15:04 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 20AD 43 B
348 B 150ms
37ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=8QsAWGSB3MrkSUsLz9zqr25VC_m2hInU77V8ZX9T94ujbFS1rfZy41dzPO6F4yrHAHkLN0SF7N3izE-JcBrIrA2-FT1N1P476Pawa7Af1FHwjtwboASSgtJMqz4nIl3cElE9D0Kw6Bqvp0hHyIK0uJ9NOF4KoRl0OEbF36CHaHbD9Q_vbZJzZvZxcGLGYYASP9eNQvU3CXGFWVYKXOSFwOReaOhr54x_F1ddeDjUVbBUlVxx53shrf-MGPigLq4YZ4ABhfhcwKQnE97gY3jGuxVZ55SjXgk8nBJxQBnwaippQSNYEYmjxb3zsau-b-KQqCi4KUEaQ7QPs9J-AeLCcc72OSmRMRzY3JYlvE26tI9REDP5djoaz6B4QRerbYt8ILIMt9xvHXHyqdz8CSVtfjdtuvhm4QpQjm17N_txPuKQUNSFiw0SiG6l8aEEi9gdt6fOBQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2401111
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 th
www.bing.com/ Frame 78EA 3 KB
3 KB 38ms
38ms Image
image/jpeg 2a02:26f0:480:22::1726:62db
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7834073468585_1WVBHRDR7AGG8U7WHS&pid=21.2&c=17&roil=0&roit=0.0333&roir=1&roib=0.9679&w=200&h=105
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a02:26f0:480:22::1726:62db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 0273c44e8eacfe524e0741d7fbd39bd1fa06ea68fd1cc7018bb6068ef369f24b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.1bd53e17.1688400904.172256bd
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 3505
alt-svc: h3=":443"; ma=93600
quic-version: 0x00000001

GET
H2 200 dis.aspx Show response
widget.nl3.eu.criteo.com/dis/ Frame F728 6 KB
3 KB 144ms
33ms Document
text/html 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=7944&cb=64a2f407afdb4675e028503b42a6f34d&r=https%3a%2f%2fwheregoes.com%2f&crossorigin=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf71409607b155a60a82913496c9bc935e1a6e992aa81f4c9be20d79a78f3eb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 03 Jul 2023 16:15:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 2537557
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
vary: Accept-Encoding

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 20AD 12 KB
5 KB 75ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1791109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cCEZUVaAX5cqsDrv3gwrsHZqCdGTdAGyCW5%2BYn9SLcv%2BalUhPHBRW8MXWiSFxv%2BupWaiMxSKKNhSm%2FSJJnAxz%2FBarizT9O%2FP9CUksM0w%2BCH%2FEGx5D7zKUdAra0%2F08copl8Ie7f6B9qJjy%2BeH%2B9oPzkY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e106cd4f99e18d2-FRA
expires: Sat, 22 Jun 2024 16:15:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4C5D 0
0 103ms
58ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306280101&jk=56907534514127&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 20AD 12 KB
6 KB 37ms
37ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Jun 2024 16:15:04 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 78EA 0
0 62ms
61ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsta5ZITcL7iGohjIQuauFLzv-hrr7EYytTmw3IQqA7rCGMoC_xQWy47iixPWjxxANDkDJiIjEh7U2xvHkNCy5eqtzgrNfVL0vOo4vlYoHFUj7wMPTkQSmxAgRgFqSQw4Z7VYR_ZRoYvcuvLwKdXAi-bgtNTUPFRBz3hm4W5rAYm-SDD3VbOOM7jpKdndhmTikp_v4dr_gfRVVmj4Enf15Jn34-7ynmkn-d1E097Ot3sWyH1Fz9PE1zCGg7PQZmZsgcyiOovh_oUcOOigjkAiiNzFHcfWL3TGMPcqLFsjfaqh1SjlfSKKkX0j3T-CibpYsCeic-0fUi0FolBazdgviL5igD-zvjyxymKboM&sai=AMfl-YQVNKwcJTFVG7xDDCcGRDO36JaeI7F3pQQIgdojyl8foJGCQndbzTeC9uXNweCub8sh7RRQU5mS8u0MpnSW8xqqJHNbonaJUPGp3t_lYjcnC5sk35uyBraf1jTlBnoBd79_d2igzor0_aPCJzrR&sig=Cg0ArKJSzNNbirqehXLYEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 03 Jul 2023 16:15:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 20AD 4 KB
5 KB 196ms
83ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=90911&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F90911%2F230330%2Ff3701420e70a4cd68a211585ac043f02_criteo.png&v=3&w=596&s=KMZGaa_M40N_m9sJywHE7hqa

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6ae2b5dceb7bc36744045aa7c9b63d355f7edf84e8c5970a41e00e06e00e3014

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 4513
expires: Tue, 25 Jun 2024 07:47:23 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 20AD 27 KB
27 KB 180ms
68ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90911&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0007%2F0179%2F2313%2Fproducts%2FEliot_SFE1_SFT120x70DW-19_de8f5185-1e35-49f7-9cdb-c75310ec8699.png%3Fv%3D1669622753&v=3&w=400&s=bxek4S5iObSSShr-tRN-Wj0f&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

776b1cbba00a9a163150991fb7f0948ddc7d3dbe490623a77ec9aee4169fbd53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 27783
expires: Thu, 13 Jun 2024 05:40:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 20AD 27 KB
27 KB 244ms
132ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90911&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0007%2F0179%2F2313%2Fproducts%2FSFE2_SFT_120x70_DW-19.png%3Fv%3D1664183751&v=3&w=400&s=7BwO2ad2X_3bUGq05IMYCFQ2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

709bffc303ae80d5b101d98cad5d9f73e0ee99693901fb538bae78b3ca12996f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 27300
expires: Thu, 13 Jun 2024 06:55:55 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 20AD 47 KB
47 KB 218ms
106ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90911&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0007%2F0179%2F2313%2Ffiles%2FWireless_Charger_Zens_01.png%3Fv%3D1683892062&v=3&w=400&s=hJQZ91lYHGhAm97G1arOJsBL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

422ded8741cc19c66bf1088825ea4600e8e1c68f10faaa156c0ebe5c76825a21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 47667
expires: Fri, 07 Jun 2024 06:28:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 20AD 29 KB
30 KB 256ms
144ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90911&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0007%2F0179%2F2313%2Fproducts%2FEliot_SFE2_SFT_120x70_SG-19.png%3Fv%3D1681480340&v=3&w=400&s=uQP5YI4keRkasCszr6V4ScuD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

275a9b746fb8d1d3af274d8648380a2b1544ed0fdab4b412079943827b5bdbb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 30034
expires: Mon, 10 Jun 2024 06:57:12 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 20AD 9 KB
9 KB 236ms
124ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90911&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0007%2F0179%2F2313%2Fproducts%2FSFXL-pro04.jpg%3Fv%3D1673453447&v=3&w=400&s=Lx9pyyRC6fR08PAh0xsxPO8U&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8bfd21c272adc80071a614ebf5570173e685a612ab7f3b20b8e7f88c3161acda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 8850
expires: Thu, 13 Jun 2024 00:42:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 20AD 23 KB
23 KB 123ms
122ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90911&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0007%2F0179%2F2313%2Fproducts%2FEliot_WeissmitFenixgrigio.png%3Fv%3D1669365371&v=3&w=400&s=YhyE8eiZciAlLoTc2TfmFxbi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5c7face9ffa10c0836cfd29550f0a85393aeaaf5adf705323c0781887a050528

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 23113
expires: Thu, 13 Jun 2024 09:40:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 20AD 25 KB
25 KB 137ms
136ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90911&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0007%2F0179%2F2313%2Ffiles%2FLock-Eiche.png%3Fv%3D1685025139&v=3&w=400&s=EVwpzc6FGp1Vwmh2TZwsQ3Yp&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b5f56ebd1c15c249468578fe108e7480c1a5c1a5a99db0e8a40ab9cad547c817

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 25417
expires: Thu, 20 Jun 2024 09:20:20 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 20AD 30 KB
30 KB 129ms
129ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90911&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0007%2F0179%2F2313%2Fproducts%2FProdukt_1200x1200_Eliot_Eiche_W_1676dacd-de7c-46e2-b3b4-1b589e4ed5ff.png%3Fv%3D1643984288&v=3&w=400&s=p-77whZYuqfssglqxJezCBbe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

854728e3085c8e567946b3c5eef967d20566453a3f8fb292a5c1a40632e53443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 30861
expires: Thu, 13 Jun 2024 04:35:26 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 20AD 7 KB
7 KB 136ms
136ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=90911&q=80&r=0&u=https%3A%2F%2Fcdn.shopify.com%2Fs%2Ffiles%2F1%2F0007%2F0179%2F2313%2Fproducts%2FSF-desk-w_0_3282697e-b8d6-4aaf-985f-018988875ffb.jpg%3Fv%3D1656336842&v=3&w=400&s=JLbD5SxJ5S2nDe_I8bxoZxuo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b1bd947c620f6b1eb2b16a5d57721fdea31fa1be9c26ac965026485353a852a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 7100
expires: Mon, 17 Jun 2024 14:59:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 20AD 0
128 B 142ms
33ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=IHKWa6ofaZTlGES0fVmtRl23dR9cLnfGYEdukUHcgHnARsV-Q2E-aLdSd94eRkvH1Mj2pBWkdoeGzSFAwJx-XnFaqlNhbxXGsKKcqB9we07J6jJT4ZpMrZLjWrKAhJ9sJQFYH_8DxeBooTnU_cNo9oUPFNzriA36I5sl5hy8tPZi9_K8U5jHoeLDLsU2Ri2DKnCG1-VyyNgaUnONG3h0sqkxIBlNAvmXiTGHqZPt8SwBJvIDNFGQY9J5Fq2wlZQ6ZvXM4r17GgKdV_ha&sds=2&rev=87270&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 03 Jul 2023 16:15:03 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 20AD 2 KB
1 KB 37ms
36ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Jun 2024 16:15:04 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 20AD 2 KB
1 KB 39ms
39ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Jun 2024 16:15:04 GMT

GET
H3 200 zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8ADD 37 KB
14 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zBQz3-TNDKCcnEtYIoHgFkOKi9KToA93A8ow_70HNHU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 12:50:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14692
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 15:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 02 Jul 2024 12:50:19 GMT

GET
H2 200 lato-400.css
static.criteo.net/design/googlefont/lato/ Frame 20AD 682 B
665 B 46ms
45ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Jun 2024 16:15:04 GMT

GET
H2 200 lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 20AD 23 KB
23 KB 134ms
65ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5c1c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 27 Jun 2024 16:15:04 GMT

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 27C6
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-yP1TBgQ3-27fV-vRAxjtKO48xYuAhDwVa3iYVA&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-yP1TBgQ3-27fV-vRAxjtKO48xYuAhDwVa3iYVA&expires=30

43 B
345 B

27ms
24ms

Image
image/gif

35.157.132.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-yP1TBgQ3-27fV-vRAxjtKO48xYuAhDwVa3iYVA&expires=30
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: H2
Server: 35.157.132.87 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-132-87.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-yP1TBgQ3-27fV-vRAxjtKO48xYuAhDwVa3iYVA&expires=30
date: Mon, 03 Jul 2023 16:15:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 27C6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-fXMJmgQ3-27fV-vRAxjtKO48xYvaexDK99KQSw&google_cm&google_hm=ay1mWE1KbWdRMy0yN2ZWLXZSQXhqdEtPNDh4WXZhZXhES...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-fXMJmgQ3-27fV-vRAxjtKO48xYvaexDK99KQSw&google_gid=CAESEPROL_irdd2AKoKo5BhuJ-4&google_cver=1&google_ula=913071,0

43 B
369 B

108ms
28ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-fXMJmgQ3-27fV-vRAxjtKO48xYvaexDK99KQSw&google_gid=CAESEPROL_irdd2AKoKo5BhuJ-4&google_cver=1&google_ula=913071,0

Requested by

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 908365
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:04 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-fXMJmgQ3-27fV-vRAxjtKO48xYvaexDK99KQSw&google_gid=CAESEPROL_irdd2AKoKo5BhuJ-4&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 27C6
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8827646718600857853

43 B
370 B

115ms
27ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8827646718600857853

Requested by

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:03 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 938415
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 03 Jul 2023 16:15:04 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b76d80c6-940c-49ca-9988-3f1718880a99
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8827646718600857853
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK setuid
secure.adnxs.com/ Frame 27C6 43 B
1 KB 68ms
21ms Image
image/gif 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=k-JDgP5AQ3-27fV-vRAxjtKO48xYt_fY3RgajKVw

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:04 GMT
AN-X-Request-Uuid: 6f091280-8e99-4d8d-88da-58fde51b45f4
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 27C6 61 B
793 B 172ms
102ms Image
image/gif 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-9pZGOgQ3-27fV-vRAxjtKO48xYuqZi5lfiIIkQ

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 03 Jul 2023 16:15:04 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Mon, 03 Jul 2023 16:15:04 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 27C6 0
239 B 27ms
23ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-eKaCJAQ3-27fV-vRAxjtKO48xYtrOCoogtx1Bg&expires=30
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 27C6 0
366 B 120ms
19ms Image
text/plain 3.65.56.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-paebIQQ3-27fV-vRAxjtKO48xYvjgtHhQ2DGRQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.56.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-56-209.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 27C6 43 B
163 B 157ms
30ms Image
image/gif 185.86.138.152
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-yDtJAgQ3-27fV-vRAxjtKO48xYuO_0u6GPKEmA
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 27C6 0
99 B 343ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-WzyL7wQ3-27fV-vRAxjtKO48xYu2LPLpzbVp1Q
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 31806

GET
H2 200 um
criteo-sync.teads.tv/ Frame 27C6 23 B
163 B 162ms
48ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-D_11RAQ3-27fV-vRAxjtKO48xYvkQ_kaKTJ5hQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires: Mon, 03 Jul 2023 16:15:04 GMT
pragma: no-cache
date: Mon, 03 Jul 2023 16:15:04 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 27C6 37 B
140 B 91ms
21ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-va3beAQ3-27fV-vRAxjtKO48xYu5_T5sRZXQTQ&dongle=013b
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 27C6 0
125 B 162ms
26ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-D7OKgQQ3-27fV-vRAxjtKO48xYvItHaDh7SIQQ

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 27C6 43 B
163 B 145ms
36ms Image
image/gif 37.157.5.133
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-3cclmwQ3-27fV-vRAxjtKO48xYu8cij5bFAJtw
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
last-modified: Fri, 18 Nov 2022 16:49:04 GMT
server: nginx
accept-ranges: bytes
etag: "6377b780-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 27C6 49 B
236 B 127ms
43ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-EwnlugQ3-27fV-vRAxjtKO48xYtVG3O-RHWqhQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:04 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 12
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 27C6
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-bBTnRwQ3-27fV-vRAxjtKO48xYsYTRBOlDAURw
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-bBTnRwQ3-27fV-vRAxjtKO48xYsYTRBOlDAURw&C=1

43 B
766 B

23ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-bBTnRwQ3-27fV-vRAxjtKO48xYsYTRBOlDAURw&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-bBTnRwQ3-27fV-vRAxjtKO48xYsYTRBOlDAURw&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 27C6
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=ra0hWV5iSZutbp-KRlgKon00jJaZpyfW
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ra0hWV5iSZutbp-KRlgKon00jJaZpyfW

42 B
942 B

53ms
52ms

Image
image/gif

34.246.32.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ra0hWV5iSZutbp-KRlgKon00jJaZpyfW

Protocol

HTTP/1.1

Server

34.246.32.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-32-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-09e2763b9.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: re2b8h+vTtg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v050-0db816301.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: gekJl8XYQqM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=ra0hWV5iSZutbp-KRlgKon00jJaZpyfW
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 27C6 43 B
1 KB 80ms
34ms Image
image/gif 141.95.98.65
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-39sMwAQ3-27fV-vRAxjtKO48xYvFq1_o5ZKuXw

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.65 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216659.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 27C6
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-l8pcuAQ3-27fV-vRAxjtKO48xYva1zotya-J3A
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-l8pcuAQ3-27fV-vRAxjtKO48xYva1zotya-J3A

43 B
447 B

53ms
53ms

Image
image/gif

52.210.241.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-l8pcuAQ3-27fV-vRAxjtKO48xYva1zotya-J3A
Protocol: H2
Server: 52.210.241.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-241-171.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Jul 2023 16:15:04 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-l8pcuAQ3-27fV-vRAxjtKO48xYva1zotya-J3A
access-control-allow-origin: *
date: Mon, 03 Jul 2023 16:15:04 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 27C6 42 B
274 B 101ms
33ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-sGnxiwQ3-27fV-vRAxjtKO48xYs8UlQ2a_pg9w
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 27C6 0
885 B 132ms
70ms Image
text/html 18.196.116.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-BRsc5gQ3-27fV-vRAxjtKO48xYtKOIqIsknPUQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.116.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-116-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 27C6 0
145 B 461ms
103ms Image
text/plain 64.202.112.191
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-byTg9wQ3-27fV-vRAxjtKO48xYvJBnpUaTMqzA&initiator=partner
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 Chicago, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 16:15:05 GMT
Cache-Control: no-cache
X-TraceId: 97031d841c81fa14d4ea3e2995a86b92
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 27C6 42 B
580 B 149ms
33ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-NKdMNAQ3-27fV-vRAxjtKO48xYu9_pvyvj9l7A
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 03 Jul 2023 16:15:03 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 27C6 43 B
399 B 401ms
111ms Image
image/gif 2600:1f18:612b:4264:77de:c90c:e766:ea27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-cJ9aZwQ3-27fV-vRAxjtKO48xYsDXkJlsAc6vQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:77de:c90c:e766:ea27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 03 Jul 2023 16:15:05 GMT
server: nginx
content-type: image/gif

GET
H2 200 getusermatch.php
a.twiago.com/rtb/ Frame 27C6 43 B
153 B 147ms
39ms Image
image/gif 85.215.5.31
CRONON-BERLIN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-L5FuPQQ3-27fV-vRAxjtKO48xYuiWEXNdl29VQ
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software: Apache / PHP/7.3.30
Resource Hash: 5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 03 Jul 2023 16:15:04 GMT
server: Apache
x-powered-by: PHP/7.3.30
content-length: 43
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 27C6 0
400 B 130ms
44ms Image
text/plain 23.215.16.120
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-13j5qwQ3-27fV-vRAxjtKO48xYsbOcKe0rvyAg
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.215.16.120 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-215-16-120.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:04 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Sun, 02 Jul 2023 16:15:04 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 27C6 0
38 B 215ms
45ms Image
text/plain 52.210.13.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-SugpIwQ3-27fV-vRAxjtKO48xYuAClwj_Yg4qA&pn_id=criteo&ext=1
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=0CC735899A8DACDA&u=%7CuQsGrpJJYyfOvbr1GXYeGo3rQkLG8vwpiqJQ%2Bci7Qjc%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU870gEAOzIR7LKk_mcvZ6vJsCmbh3GlMA9xW1E4e--yQkBq5MWt97LlyueX6xA35gLXHDelc9Hq0ZGKMGEfBjyv7Z1kvJwu1JdniutKS7dS3A5kCe0EuiV6l0QJ3tagbZB8DSTJlOKvZOQ8aTGMaHZy06oQF_yuU9zUTk7WMc9WyTU1lzxA19sfxJc5AhQ3rtiZ9mtbb8NpPTmm1LIa4z3NmQ20mjDUlL4BJCUwgjpjvTOdpc9i2cyuwjP0UjKy7ZVrhQ3T73zCfNjTtbmjKZg4N1PLBzAF6eNQP51hUZiqjo7GI7W4yQzhN_5zpeJObbDl7QdVASVfGGmd0ZZXaurDz83aRY8VZx2DNruA4OT0n3JtDMz8vHiQ_EutUprQghcp0mNE1I-wr3CGA02srhcH4kYyD5gzKA-aM2utAG_IS9n-pEZwAQsVysQ18i8EFXdbMvscD19efNiePA4EFG0iv2OQYY_0Uuyg4lYi6znJfFnpRIyoN8yab3B5gY12m82ZwJFVLuf-3Vb8j6CY_CpvSBiSyoVOrffYfoj826plKD_TyaurleQW6ofw53xbHcSkxKWBJyrZQVVvAn3jxQcL-_UHfjMJR3HAKklmkb1YU9CPfUjBop66DJnt5uQXa3f7X4yKhq11IQwEiVx8SNY8bg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.13.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-13-95.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:05 GMT
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8ADD 0
10 B 24ms
23ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?s3WriA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:04 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 27C6
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kewuHILRpECldGk_-9HOC3BBUupg7pqQ

0
338 B

213ms
45ms

Image
text/plain

52.50.52.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kewuHILRpECldGk_-9HOC3BBUupg7pqQ
Protocol: H2
Server: 52.50.52.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-52-186.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: beacon-n016-dub-prod.krxd.net
date: Mon, 03 Jul 2023 16:15:05 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1688400905
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=kewuHILRpECldGk_-9HOC3BBUupg7pqQ
date: Mon, 03 Jul 2023 16:15:04 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 669401
content-length: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AB97 42 B
174 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUxUmGCU6J7kqNFi5mLUbU0pWi6Mokt1b86gyGSYTnaLEkmsvsddw8h3JstFM_OKIiRLwYIMGDWnGa-D2YUCpe1kH0Dm6-qI656q8Zxd2Nm_pxNx1_&sig=Cg0ArKJSzIKdNAyFzEJXEAE&id=lidar2&mcvt=1000&p=600,1091,854,1391&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20230628&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=2861055222&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688400903917&rpt=162&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C31 42 B
108 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZVriGTYIIViIpaEp-LkjyS2SIZa3Gd-4UNBEJv5Ic-sFF9V79adBL0xD_sSWFfl8z2bZudRpFvFepEt-xIEM4Ky3kdRnKX6znJSRKM8Zy_peT5hl9&sig=Cg0ArKJSzNdbreJvAABpEAE&id=lidar2&mcvt=1000&p=884,1091,1134,1391&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230628&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3809685794&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688400903926&rpt=211&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cs
s.thebrighttag.com/ Frame 27C6
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=FTxFYtET4v5Jb6QL_wH3MhFWzxyZAMj6

35 B
268 B

368ms
116ms

Image
image/gif

3.13.226.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=FTxFYtET4v5Jb6QL_wH3MhFWzxyZAMj6
Protocol: H2
Server: 3.13.226.189 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-13-226-189.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:05 GMT
x-bt-requestid: c59eaa80-19bc-11ee-87d6-0000ac170131
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=FTxFYtET4v5Jb6QL_wH3MhFWzxyZAMj6
date: Mon, 03 Jul 2023 16:15:05 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 707238
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306280101&jk=56907534514127&bg=!NzSlNGDNAAb90kgr3dI7ADkAdvg8WqNV3quPlMZiiw9sUNzuUVSb6cmcgYulxW_Eeba1oUiaP3kDwz9feajWJ2pXcITrEwhjjvQCAAAAlFIAAAAIaAEHCgB88EodKHYQFGSDo_730cVSzSheXmRFX6AsEDhCXG-OmrfHdFzRBp6PLqSt09WO9ORYYw0oTkY0O78IKad2pNi2qs25uHd0KhpPnSoZ0z9BifYykXs6WCkmN7jZIaPoXBp1nWtT2tOJySAoGTWadcCY_nwJ-sU57e0HxHHNNZkCn6eqiIvxnbJPfogkjT0MD0ahXe0-KRqDqLk9JXm3tJFULuPaj-pYjiIOrVPmr4QTJgcFh-yLDiiltZeYdGKHKktTmC3n1hlgR-a1vXXJHx12d3oxR4ADwSD0mVE-llf2z--HTOMT7BeVotfP-3YTEtfBjsH6CmPbjHV3VgwPyHo8NIaqMSeCj9KSzi5cCbIMjUYA9jnwIFU8loqb_ggXQcbrYl_TEsBezmdknx9Oedt6ivr47WoYngjYPSg3znuxwx5bU4SKwuO-yAGf2EDjpxJjHb141rA-AoHMPoth5PrJkLG8U1JlqPoY0iIa0VwYciuSEdQ7JDB9vNdc4kzCcHQRGQn3UG2ZoVXDHhnEP3ZVe_G98_pZ5NRF6PT8q3-MD5zzHUs8LIc_tBEIF4sHc6mT-ku-35c9RAqxBHJvbKjuD8SgapYYDT0BCckzpeRhvcvU_q5pAO5jipYA6h8msbdepEyk5nqxxKusWEZkj5la7QCQShcjtuVtDIAf_lu1-pswqObCU8DvFIWMaDYYQyN_dwc5wcZF4zshPM_lJkp2GiGUIlBF8BvgXUAGpLVX-9TTMmGMNDwTG1FkjMOBQk-vhhGpBcXBSzMddN4qkibCekw36zmWAlwHBwOxAgDA1Op1_q8Sfg82XbxDSxVXPUm7i7AYpor3smL4ORpNirGuCDA4Q4TzZQEqdKcn4C7y4NtTaW_NYI0aa6JAKoNzh5Gino1ZYOSvVI7dVLJRfQSQxilvnjdXutf9WVYH0WRRKFwJ4eg2UpNlgNKG9NLm5VsyZo61Vrx2Mg32vanvS_KBL4P_QXsaeAfI5qIZebz1ss1OMsk3DbP10TNIGnKVKJ3i7An518EGRu921faslTSOby9A62MFYUOSPuK3Yn6W
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 78EA 0
954 B 22ms
21ms Ping
text/html 37.252.171.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwheregoes.com%2F&e=wqT_3QL7Buh7AwAAAwDWAAUBCIboi6UGEIDVsf712pTKLBgAKjYJ96BIv3qYij8RhDK4NQ5EiT8ZAAAAgOtR4D8hhA0SACkRJNAxAAAA4FG4nj8w9e2zCzjKQUC1XkjjA1C6iYq2AViY1VJgAGiR92t42NcFgAEBigEDVVNEkgUG8FiYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4AKf8D_qAhZodHRwczovL3doZXJlZ29lcy5jb20vgAMAiAMBkAMAmAMXoAMBqgOEAwqaAhUsHHd3LmJpbmcuASvwYWFwaS92MS9tZWRpYXRpb24vdHJhY2tpbmc_YWRVbml0PTM5MTQ2NiZhdUlkPTQ0NjY5NTdiLTdkNjYtNDY4My1hN2U2LTdjNDZjNjM0OGU1OSZjbUV4cElkPUxWMyZvQWRVHUVUcHVibGlzaGVySWQ9MTYyNjQ1MzMwJgEOkloAuHJ0eXBlPW51cmwmdGFnSWQ9MjM5MTgzMjUmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRn0PgFwYmFnZWJ5JmFpZD0ke0FVQ1RJT05fSUR9EgUxMjA4NRoTMzIxMjI4MzUxOTIwMDY4NDY3MiIJMzgxODQ2NzE0KgRiaW5nOjhVMlZoY21Ob1FXUWpPRE13TVRNME9UWTROemc0T1RRak1qTXpORGd4TWprME1UZ3dNVFExT0E9PcADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMjE3LjExNC4yMTguMjSoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAEuomKtgGIBQGYBQCgBcvijdDM6LDhO8AFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGwo0E2gYWChAABUEZAXQQABgA4AYB8gYCCACABwGIBwCgBwHIB9jXBdIHDQkRKAEmDNoHBggFCWjgBwDqBwIIAPAHkfgBiggCEACVCAAAgD-YCAE.&s=9a4a2df03f142ff135583d48a4ddf1cbb0f86359&type=pv&jm=1003&px=436&py=374&bw=728&bh=90&sf=1&sid=8962473871195820097&vd=ct~0|rr~5&sv=236&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=23918325&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/236/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:05 GMT
AN-X-Request-Uuid: 64fbb779-a9fa-4f6e-8387-12843adf6f0c
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://wheregoes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1002.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 publishertag.prebid.135.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 49ms
48ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.135.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:05 GMT

GET
H3

200

c.gif
www.bing.com/aes/ Frame 78EA
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=2d4b0037-7a95-410e-a27a-7dd1d6186a10&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=4466957b-7d66-4683-a7e6-7c46c6348e59&rlin...
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=58dd2eb3eb3e4acc9c27909b842e6351&tids=15000&med=10

0
18 B

77ms
76ms

Image
text/plain

2a02:26f0:480:22::1726:62db
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=58dd2eb3eb3e4acc9c27909b842e6351&tids=15000&med=10
Protocol: H3
Server: 2a02:26f0:480:22::1726:62db Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6A3CF29DE372427B987CC90C431507E7 Ref B: FRA31EDGE0620 Ref C: 2023-07-03T16:15:05Z
x-cdn-traceid: 0.1bd53e17.1688400905.17225bb9
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0
quic-version: 0x00000001

Redirect headers

expires: 0
pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Mon, 03 Jul 2023 16:15:05 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DA555F82E01B445E8030776EDC235640 Ref B: VIEEDGE2020 Ref C: 2023-07-03T16:15:05Z
x-cdn-traceid: 0.1bd53e17.1688400905.17225b45
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=58dd2eb3eb3e4acc9c27909b842e6351&tids=15000&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 146
quic-version: 0x00000001

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F39F 15 KB
6 KB 40ms
39ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wheregoes.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 16:15:05 GMT
server: Kestrel
server-processing-duration-in-ticks: 735310
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 94 KB
30 KB 45ms
43ms XHR
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

eb3e17c0f1b1c67c004211e61c5b1a416d53b308b9ac69b87a59c6ccbc751950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 29 Jun 2023 05:28:55 GMT
server: nginx
etag: W/"649d1697-17798"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:15:05 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 78EA 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAslK0I-HdfHVhszWaW6NKvhLuceYerz1DrglO9ovo_2L6FO-rvq9A_cJGgHu_e6Qw1aFh7X8Shd6V6-xyooHpTl-70mB7jBFJKyNeYQm_iyLKVTwt&sig=Cg0ArKJSzLMEWgl_B6RvEAE&id=lidar2&mcvt=1014&p=374,436,464,1164&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20230628&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1696759606&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688400903907&rpt=548&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame F39F
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=wheregoes.com&sn=ChromeSyncframe&so=3&topUrl=wheregoes.com&bundle=Qnp7PV9uNmUyaDB0OURxaWQxY0tzMkFWUXd2NkdJMGZ2cSUyRjVVMDRTaTVoOXR5djZUSmpW...
https://mug.criteo.com/sid?cpp=3m_dunxwNU5pVDNoN3k2TnBQT0Q2a1JCdlAwQ3ROc2FKOWlpK2tRc3F1M2NrQ1lNTVJKZTBFeGkxUVFORE5HVlprT3kzdS84WGplSHVMRUpSbjQ1Ly9idWRzWVdLOVQ3NDc2dnM5aFI4dWtZdWpmZlB0Vy9lOS9IZStFa3...

438 B
655 B

27ms
26ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=3m_dunxwNU5pVDNoN3k2TnBQT0Q2a1JCdlAwQ3ROc2FKOWlpK2tRc3F1M2NrQ1lNTVJKZTBFeGkxUVFORE5HVlprT3kzdS84WGplSHVMRUpSbjQ1Ly9idWRzWVdLOVQ3NDc2dnM5aFI4dWtZdWpmZlB0Vy9lOS9IZStFa3dtMzJPNEtZd0lhM2kvR29UaWpZT09SaVBWMTBSRUg1T3Z4OU9Gc0ZtTzByL3QwYjZjTllLUEdqaU1JWUVyZXpuR3hGaHArVFpGZlJJckVpZm1UQTF2a0JIN3FTcko2cjBibk9lb0JFQXBuRU54dWJKd2l5aHJpeWxsVVFNQ2kzZEgzbHlXTVdjMFEvSjRUOWozSkRZTHZaclo2a1l0ckRJQjNOakhlZFZXSkUxVWJ6MmoxZz18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3e0f994b5e71faa54633f043e3fe08ff9084e6ed18c7d120e95d35f245f8415b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 885564
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=3m_dunxwNU5pVDNoN3k2TnBQT0Q2a1JCdlAwQ3ROc2FKOWlpK2tRc3F1M2NrQ1lNTVJKZTBFeGkxUVFORE5HVlprT3kzdS84WGplSHVMRUpSbjQ1Ly9idWRzWVdLOVQ3NDc2dnM5aFI4dWtZdWpmZlB0Vy9lOS9IZStFa3dtMzJPNEtZd0lhM2kvR29UaWpZT09SaVBWMTBSRUg1T3Z4OU9Gc0ZtTzByL3QwYjZjTllLUEdqaU1JWUVyZXpuR3hGaHArVFpGZlJJckVpZm1UQTF2a0JIN3FTcko2cjBibk9lb0JFQXBuRU54dWJKd2l5aHJpeWxsVVFNQ2kzZEgzbHlXTVdjMFEvSjRUOWozSkRZTHZaclo2a1l0ckRJQjNOakhlZFZXSkUxVWJ6MmoxZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 305194
content-length: 0
expires: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 20AD 0
127 B 33ms
33ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 03 Jul 2023 16:15:04 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame D3E0 281 B
554 B 39ms
30ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jul 2023 16:15:06 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 18E1 24 KB
8 KB 56ms
45ms Document
text/html 95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

df3679a077b6685ec2811a9606a6b736968ee09e64ae7b003886cf82dd1d1249

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8514
content-type: text/html; charset=UTF-8
date: Mon, 03 Jul 2023 16:15:06 GMT
expires: Wed, 05 Jul 2023 16:15:06 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 6502 9 KB
4 KB 133ms
30ms Document
text/html 13.32.145.35

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.145.35 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4d5a6e08bb0e8edc55e4e204d4b98729de4e1ae37db44e357b1d28a9463dc215

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75639
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Sun, 02 Jul 2023 19:14:28 GMT
etag: W/"481f0eb11193eeaea6a690e5c66c57a4"
last-modified: Wed, 07 Jun 2023 17:56:33 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 70f383b1b1176f28876db3111bf71a12.cloudfront.net (CloudFront)
x-amz-cf-id: ETCER-aOhR_9Z0OWgy61aWKxHyH1aPTxdACN5sbhsHDfUtujeYzTnw==
x-amz-cf-pop: CDG50-C2
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:0c92ffba-51e2-4731-859f-5f9f5816d5c0
x-amz-meta-codebuild-content-md5: 0784681e688ba45904ac0a64aa0b0a6b
x-amz-meta-codebuild-content-sha256: 956b79d89029f14eaea1f363768b0942a0576bc42557ef6c8f6cc53fdc4d8515
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H2 204 /
onetag-sys.com/usync/ Frame 8683 0
0 32ms
26ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1688400902942

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4049 52 KB
17 KB 95ms
19ms Document
text/html 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1688400600000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 34390
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 03 Jul 2023 16:15:06 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 21 Jun 2023 06:41:32 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1632, 205881
X-Served-By: cache-lga13626-LGA, cache-fra-etou8220048-FRA
X-Timer: S1688400907.838612,VS0,VE0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D3E0 34 KB
10 KB 27ms
27ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 63da5a8ef44c8b56cf1dd58484d8b15bfc77dbfdaccbf7dd43ef48c1a7dcde49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 16:15:06 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Jul 2023 14:48:30 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81236
Connection: keep-alive
Content-Length: 10113
Expires: Tue, 04 Jul 2023 14:49:02 GMT

GET
H/1.1 200
OK log
c21lg-d.media.net/ Frame 18E1 35 B
296 B 384ms
167ms Image
image/gif 2.18.160.23

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=2&vsid=3314025048280806000V10&origin=1&flt=0
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2031%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C437%2C97%2C55%2C99%2C2045%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C446%2C9%2C407%2C2011%2C2055%2C3022%2C3020%2C173%2C294%2C251%2C175%2C450%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C459%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C262%2C461%2C222%2C301%2C345%2C225%2C468%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.160.23 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:07 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Mon, 03 Jul 2023 16:15:07 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4049 0
862 B 22ms
22ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:06 GMT
AN-X-Request-Uuid: 0c766eaf-3323-4978-891a-8eb808b69f99
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame 2E79 4 KB
2 KB 160ms
44ms Document
text/html 34.246.245.249

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.245.249 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7b152b348cb50075a9ad6ad57d91bba40ceb50a0f158ae1c1689d67a0fd90286

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 03 Jul 2023 16:15:07 GMT
etag: W/"0dc55aa96f8ce78b99b36d4d018792bf6"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame 55E4 0
0 22ms
21ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 0B58 984 B
1 KB 263ms
31ms Document
text/html 185.86.139.93

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 984
content-type: text/html
date: Mon, 03 Jul 2023 16:15:06 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 7ABE 2 KB
2 KB 80ms
24ms Document
text/html 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: 903112ee5969aacb2ffaef994afc9627793d4c6c45277523813b1f4d98ca4dcf

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 1746
Content-Type: text/html
Date: Mon, 03 Jul 2023 16:15:07 GMT
Expires: 0
Keep-Alive: timeout=1, max=500
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 5C4E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

24ms
24ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jul 2023 16:15:07 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 03 Jul 2023 16:15:07 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame C23E 16 KB
6 KB 102ms
21ms Document
text/html 23.32.184.192

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=164171
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Mon, 03 Jul 2023 16:15:07 GMT
expires: Wed, 05 Jul 2023 13:51:18 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 sync-iframe Show response
cs-rtb.minutemedia-prebid.com/ Frame 6477 0
527 B 147ms
63ms Document
text/html 2600:9000:20c3:1a00:1f:4c18:bd40:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:1a00:1f:4c18:bd40:93a1 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 16:15:07 GMT
server: istio-envoy
via: 1.1 7ede51d8c775deaef83b54a3beafab3c.cloudfront.net (CloudFront)
x-amz-cf-id: OBzW3tPYguMD9gXbsBrGkNMr-sQPXb_Q1qcMQbbrA_-u7KJpDDLzxA==
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
x-envoy-upstream-service-time: 0
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H/1.1 200
OK user-sync Show response
sync.adkernel.com/ Frame 7272 0
160 B 106ms
29ms Document
text/plain 77.245.57.72

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 0
Cache-Control: no-store
Connection: close
Content-Length: 0
Date: Mon, 03 Jul 2023 16:15:07 GMT
Pragma: no-cache
Server: nginx

GET
H2 200 sync-iframe
cs-server-s2s.yellowblue.io/ Frame FC96 0
370 B 507ms
123ms Document
text/html 34.225.255.201

General

Check archive.org

Show headers Download Go to

Full URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.225.255.201 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: https://public.servenobid.com/
content-length: 0
content-type: text/html
date: Mon, 03 Jul 2023 16:15:07 GMT
server: istio-envoy
x-envoy-upstream-service-time: 0
x-reason: could not perform CS due to GDPR policy: gdpr is not applied

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame 2C9F 17 KB
7 KB 123ms
22ms Document
text/html 2606:2800:233:f76:14f7:d635:25c4:c8d7

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:f76:14f7:d635:25c4:c8d7 -, , ASN (),
Reverse DNS
Software: ECAcc (frc/4CFA) /
Resource Hash: 959b323d6d404b16646fff656d108c0ef6079419e6a5536ff04f24b69a706d67

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age: 756
cache-control: max-age=900
content-encoding: gzip
content-length: 6056
content-md5: BWNiLq3WgjMFnqlZeqylmg==
content-type: text/html; charset=utf-8
date: Mon, 03 Jul 2023 16:15:07 GMT
etag: 3c7cbe5d-b074-41c0-9aea-5feaec65b4f6
expires: Mon, 03 Jul 2023 16:30:07 GMT
last-modified: Fri, 09 Jun 2023 15:10:42 GMT
opc-request-id: iad-1:Fplvudd5gHG44qYlXdY_XWhiDbs1IoXVUQ7fn5Z_VmMFbLf611saiqwTE5Pro0nd
server: ECAcc (frc/4CFA)
storage-tier: Standard
vary: Accept-Encoding
version-id: 54260ee6-b896-4a59-bf66-caede0de27cf
x-api-id: native
x-cache: HIT

GET
H2

200

sync
ads.servenobid.com/ Frame 6502
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=8827646718600857853

0
344 B

45ms
45ms

Image
image/avif

52.48.248.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=8827646718600857853
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.48.248.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Date: Mon, 03 Jul 2023 16:15:07 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bc28c651-6d7d-42d3-94e1-bf9279824fcc
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://ads.servenobid.com/sync?pid=312&uid=8827646718600857853
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 6502
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=G62vsRZH7n_xfAbuSZaXr-_F

0
350 B

45ms
45ms

Image
image/avif

52.48.248.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=G62vsRZH7n_xfAbuSZaXr-_F
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.48.248.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:07 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=G62vsRZH7n_xfAbuSZaXr-_F
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 6502 0
277 B 38ms
35ms Image
text/plain 216.52.2.16
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Jul 2023 16:15:07 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET

RX-599ec98c-8779-43cb-a537-ba2174de84e1-003
sync.targeting.unrulymedia.com/csync/ Frame 6502
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1688400907146
https://ad.turn.com/r/cs?pid=45&rndcb=1233661307
https://sync.1rx.io/usersync/turn/3885511552019901866?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-599ec98c-8779-43cb-a537-ba2174de84e1-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-599ec98c-8...

0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 6502
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5144588525540386229

0
344 B

45ms
44ms

Image
image/avif

52.48.248.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5144588525540386229
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.48.248.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5144588525540386229
Date: Mon, 03 Jul 2023 16:15:07 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 6502 0
498 B 449ms
106ms Image
text/plain 69.166.1.12

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 -, , ASN (),

Reverse DNS

Software

sonobi-go /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:07 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-46
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 6502
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=

0
252 B

44ms
43ms

Image
image/avif

52.48.248.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.48.248.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=
date: Mon, 03 Jul 2023 16:15:07 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 0
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 6502
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ads.servenobid.com/sync?pid=337&uid=y-EdFv.spE2uGEdAfaqjdFfBdFGspBJK0T1e7yunM-~A

0
366 B

43ms
43ms

Image
image/avif

52.48.248.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-EdFv.spE2uGEdAfaqjdFfBdFGspBJK0T1e7yunM-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.48.248.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-EdFv.spE2uGEdAfaqjdFfBdFGspBJK0T1e7yunM-~A
date: Mon, 03 Jul 2023 16:15:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET redirectuser
ssp.disqus.com/ Frame 6502 0
0

GET
H2

200

sync
ads.servenobid.com/ Frame 6502
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ads.servenobid.com/sync?pid=339&uid=y-EdFv.spE2uGEdAfaqjdFfBdFGspBJK0T1e7yunM-~A

0
366 B

43ms
43ms

Image
image/avif

52.48.248.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-EdFv.spE2uGEdAfaqjdFfBdFGspBJK0T1e7yunM-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.48.248.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-EdFv.spE2uGEdAfaqjdFfBdFGspBJK0T1e7yunM-~A
date: Mon, 03 Jul 2023 16:15:07 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 v1
match.sharethrough.com/universal/ Frame 6502 0
359 B 23ms
20ms Image
text/plain 3.65.56.209
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.65.56.209 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-65-56-209.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:07 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 6502
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
https://ads.servenobid.com/sync?pid=353&uid=0000EEA

0
336 B

45ms
44ms

Image
image/avif

52.48.248.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 52.48.248.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
date: Mon, 03 Jul 2023 16:15:07 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type: text/html
cache-control: max-age=0, no-cache, no-store
content-length: 154
x-mnet-hl2: E
expires: Mon, 03 Jul 2023 16:15:07 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 7ABE 70 B
264 B 45ms
44ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 03 Jul 2023 16:15:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7ABE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZKL0CLN8Opt1bxypZZCBpgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL0WA1CM9x_J1Crkg45pMbc&google_cver=1

43 B
632 B

24ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL0WA1CM9x_J1Crkg45pMbc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEL0WA1CM9x_J1Crkg45pMbc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame 7ABE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZKL0CLN8Opt1bxypZZCBpgAABKEAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHGA5YX129pxNRIxrx4JnPY&google_cver=1

43 B
632 B

21ms
21ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHGA5YX129pxNRIxrx4JnPY&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEHGA5YX129pxNRIxrx4JnPY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 7ABE 43 B
855 B 115ms
114ms Image
image/gif 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZKL0CLN8Opt1bxypZZCBpgAABKEAAAAB&gpp=&gpp_sid=

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:07 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: ZGABYKPTVZKS9DW310S1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 7ABE 0
44 B 179ms
31ms Image
text/plain 185.86.139.93

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:06 GMT
content-length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7ABE
Redirect Chain

https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8827646718600857853

43 B
632 B

73ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8827646718600857853
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Date: Mon, 03 Jul 2023 16:15:07 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9acac656-4246-4347-b178-61b550b6fad1
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8827646718600857853
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 7ABE
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329526467073050

43 B
632 B

24ms
23ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329526467073050
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:07 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5133329526467073050
Date: Mon, 03 Jul 2023 16:15:07 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET /
b1sync.zemanta.com/usersync/index/ Frame 7ABE 0
0

GET
H2 200 sync
ads.servenobid.com/ Frame 7ABE 0
357 B 45ms
44ms Image
image/avif 52.48.248.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=ZKL0CLN8Opt1bxypZZCBpgAABKEAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.248.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame C23E 3 KB
3 KB 120ms
33ms Script
text/html 198.47.127.19

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6447435&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 198.47.127.19 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28cf4451db0cbab1ee085e2c8db4a13eb339e98742dc44a6177c8a4c098188ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Mon, 03 Jul 2023 16:15:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 5C4E 34 KB
10 KB 31ms
31ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 63da5a8ef44c8b56cf1dd58484d8b15bfc77dbfdaccbf7dd43ef48c1a7dcde49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 16:15:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Jul 2023 14:48:30 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81235
Connection: keep-alive
Content-Length: 10113
Expires: Tue, 04 Jul 2023 14:49:02 GMT

GET services
sync.technoratimedia.com/ Frame 2C9F 0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 2E79
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=8827646718600857853

35 B
250 B

282ms
47ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=8827646718600857853
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

Date: Mon, 03 Jul 2023 16:15:07 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.218.24; 217.114.218.24; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 2c4f7358-5d30-462c-a439-df42bef64246
Server: nginx/1.23.4
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://usersync.gumgum.com/usersync?b=apn&i=8827646718600857853
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET

/
c1.adform.net/serving/cookie/match/ Frame 2E79
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_cd44feb0-0a63-4dbc-bee3-e4f6e141c5c5&gdpr=0&gdpr_consent=&us_privacy=1---
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2

0
0

GET

syncUser
sync.outbrain.com/ Frame 2E79
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%286DQkwbCVQfReM8mF_znRjOkiM-OAwI0GsPXTt0kClzm_Z_4vc68uAIYcTbqvnJ9-%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_cd44feb0-0a63-4dbc-bee3-e4f6e141c5c5&obuid=ENC(6DQkwbCVQfReM8mF_znRjOkiM-OAwI0GsPXTt0kClzm_Z_4vc68uAIYcTbqvnJ9-...

0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 2E79
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=c7380a07-957c-4721-915d-2585a85a008c

35 B
250 B

160ms
56ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=c7380a07-957c-4721-915d-2585a85a008c
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 03 Jul 2023 16:15:07 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://usersync.gumgum.com/usersync?b=opx&i=c7380a07-957c-4721-915d-2585a85a008c
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET sync
sync.srv.stackadapt.com/ Frame 2E79 0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 2E79
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-NeG_pPRE2pd2XGrrlgkMLhIncZj51MzMPREC~A

35 B
250 B

235ms
58ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-NeG_pPRE2pd2XGrrlgkMLhIncZj51MzMPREC~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

date: Mon, 03 Jul 2023 16:15:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-NeG_pPRE2pd2XGrrlgkMLhIncZj51MzMPREC~A
content-length: 0

GET generic
sync.ipredictive.com/d/sync/cookie/ Frame 2E79 0
0

GET services
sync.technoratimedia.com/ Frame 2E79 0
0

GET 142
match.deepintent.com/usersync/ Frame 2E79 0
0

GET /
b1sync.zemanta.com/usersync/gumgum/ Frame 2E79 0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 2E79
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=56d385ae-5d20-4063-bc09-8da9c72ffc5c

35 B
250 B

222ms
45ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=56d385ae-5d20-4063-bc09-8da9c72ffc5c
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=56d385ae-5d20-4063-bc09-8da9c72ffc5c
access-control-allow-origin: *
date: Mon, 03 Jul 2023 16:15:07 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET

usersync
usersync.gumgum.com/ Frame 2E79
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=PqLotr85ClUX&ev=1&pid=558355

0
0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame 2E79
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=6329278882639654901

35 B
250 B

193ms
46ms

Image
image/gif

52.210.15.1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=6329278882639654901
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 52.210.15.1 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Date: Mon, 03 Jul 2023 16:15:07 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=6329278882639654901
date: Mon, 03 Jul 2023 16:15:07 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame 2E79 0
357 B 52ms
44ms Image
image/avif 52.48.248.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_cd44feb0-0a63-4dbc-bee3-e4f6e141c5c5
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.248.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 5C4E 0
0

GET URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame DA9D 0
0

GET
H3 200 pixel Show response
cm.g.doubleclick.net/ Frame A9F0 170 B
188 B 43ms
33ms Document
image/png 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV9jZDQ0ZmViMC0wYTYzLTRkYmMtYmVlMy1lNGY2ZTE0MWM1YzU=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 16:15:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7CE6 16 KB
6 KB 26ms
19ms Document
text/html 23.32.184.192

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.184.192 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=164171
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Mon, 03 Jul 2023 16:15:07 GMT
expires: Wed, 05 Jul 2023 13:51:18 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame ED0C 70 B
264 B 57ms
50ms Document
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Mon, 03 Jul 2023 16:15:07 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET idsync
tg.socdm.com/aux/ Frame 06D3 0
0

GET gumgum
cs.admanmedia.com/sync/ Frame CC89 0
0

GET
H/1.1 200
OK usermatchredir Show response
ssum-sec.casalemedia.com/ Frame 842B 43 B
632 B 23ms
21ms Document
image/gif 185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 03 Jul 2023 16:15:07 GMT
Expires: 0
Keep-Alive: timeout=1, max=498
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma: no-cache
Server: Apache

GET

cm-notify
creativecdn.com/ Frame 624F
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1

0
0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 000F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

34ms
34ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 03 Jul 2023 16:15:07 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Mon, 03 Jul 2023 16:15:07 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H/1.1 200
OK img
sync.mathtag.com/sync/ Frame 0390 0
0 146ms
30ms Document
image/gif 185.29.132.241

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.132.241 -, , ASN (),
Reverse DNS
Software: MT3 1031 59fd23a master zrh zrh-pixel-x7 config_version:"1524" /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 03 Jul 2023 16:15:07 GMT
Expires: Mon, 03 Jul 2023 16:15:06 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 1031 59fd23a master zrh zrh-pixel-x7 config_version:"1524"

GET pubmatic
d5p.de17a.com/getuid/ Frame 8212 0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FE8B
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=

42 B
95 B

42ms
36ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 03 Jul 2023 16:15:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Mon, 03 Jul 2023 16:15:06 GMT
expires: Mon, 03 Jul 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 765217
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 396C
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526467073050

42 B
194 B

41ms
35ms

Document
image/gif

185.64.191.210

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526467073050
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Mon, 03 Jul 2023 16:15:07 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Content-Length: 0
Date: Mon, 03 Jul 2023 16:15:07 GMT
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5133329526467073050
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame 5B9B 43 B
855 B 59ms
58ms Document
image/gif 67.220.228.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3B957019-7A3E-4954-B7DF-6FC5AAA41020&redir=true&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.228.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Mon, 03 Jul 2023 16:15:07 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 642Z5WKD86FJR9C4D4HE

GET
H2 200 sync
ads.servenobid.com/ Frame 8780 0
357 B 47ms
45ms Document
text/html 52.48.248.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/sync?pid=316&uid=3B957019-7A3E-4954-B7DF-6FC5AAA41020
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.248.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin: *
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 0
content-type: text/html;charset=ISO-8859-1
date: Mon, 03 Jul 2023 16:15:07 GMT

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C23E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O5VwGXo-SVS332_FqqQQIA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

20ms
20ms

Image
text/html

23.32.184.192

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 23.32.184.192 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:07 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=164171
accept-ranges: bytes
content-length: 5554
expires: Wed, 05 Jul 2023 13:51:18 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame C23E 49 B
265 B 215ms
53ms Image
image/gif 52.31.229.177

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3B957019-7A3E-4954-B7DF-6FC5AAA41020&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.229.177 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:07 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.16.38
content-length: 49
expires: 0

GET

UCookieSetPug
image6.pubmatic.com/AdServer/ Frame C23E
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3210914529
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0

0
0

GET match
a.audrte.com/ Frame C23E 0
0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C23E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0I5NTcwMTktN0EzRS00OTU0LUI3REYtNkZDNUFBQTQxMDIw&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

151ms
31ms

Image
image/gif

185.64.191.210

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 185.64.191.210 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 03 Jul 2023 16:15:07 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame C23E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECkuseUI-f0SU1NM-ARdXYc&google_cver=1

42 B
527 B

151ms
30ms

Image
image/gif

185.64.191.210

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECkuseUI-f0SU1NM-ARdXYc&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Server: 185.64.191.210 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Mon, 03 Jul 2023 16:15:07 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Mon, 03 Jul 2023 16:15:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECkuseUI-f0SU1NM-ARdXYc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame C23E 43 B
612 B 184ms
24ms Image
image/gif 35.204.74.118

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:07 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 02 Jul 2023 16:15:07 GMT

GET

match
c1.adform.net/serving/cookie/ Frame C23E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...

0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C23E 70 B
264 B 46ms
44ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 03 Jul 2023 16:15:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK usync.js
eus.rubiconproject.com/ Frame 000F 34 KB
10 KB 33ms
31ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Mon, 03 Jul 2023 16:15:07 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Jul 2023 14:48:30 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=81235
Connection: keep-alive
Content-Length: 10113
Expires: Tue, 04 Jul 2023 14:49:02 GMT

GET
H2 200 sync
ads.servenobid.com/ Frame 0B58 0
344 B 48ms
45ms Image
image/avif 52.48.248.173
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=587574624898658236&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.248.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-248-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Mon, 03 Jul 2023 16:15:07 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET

RX-599ec98c-8779-43cb-a537-ba2174de84e1-003
sync.targeting.unrulymedia.com/csync/ Frame 0B58
Redirect Chain

https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
https://ad.turn.com/r/cs?pid=45&rndcb=5468887545
https://sync.1rx.io/usersync/turn/4245799522209541546?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-599ec98c-8779-43cb-a537-ba2174de84e1-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-599ec98c-8...

0
0

GET

/
rtb-csync.smartadserver.com/redir/ Frame 0B58
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NjMyOTI3ODg4MjYzOTY1NDkwMQ==&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPPXgx8pcYbVsJT9C8ULWuk&gdpr=0&gdpr_consent=&google_cver=1

0
0

GET
H2 200 bsync
visitor.omnitagjs.com/visitor/ Frame 0B58 0
0 75ms
72ms Image
text/html 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

GET gjIEMT18
sync-tm.everesttech.net/upi/pid/ Frame 0B58 0
0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 000F 0
239 B 24ms
24ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LJN2AYJ7-1O-357I
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.targeting.unrulymedia.com
URL: https://sync.targeting.unrulymedia.com/csync/RX-599ec98c-8779-43cb-a537-ba2174de84e1-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-599ec98c-8779-43cb-a537-ba2174de84e1-003

Domain: ssp.disqus.com
URL: https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?gdpr=0&gdpr_consent=&us_privacy=1YN-&srv=cs&source=duration&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D362%26uid%3D%5BUSER_ID%5D&att=99

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=gumgum2

Domain: sync.outbrain.com
URL: https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_cd44feb0-0a63-4dbc-bee3-e4f6e141c5c5&obuid=ENC(6DQkwbCVQfReM8mF_znRjOkiM-OAwI0GsPXTt0kClzm_Z_4vc68uAIYcTbqvnJ9-)&gdpr=0

Domain: sync.srv.stackadapt.com
URL: https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=

Domain: sync.ipredictive.com
URL: https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D

Domain: sync.technoratimedia.com
URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/gumgum/?puid=e_cd44feb0-0a63-4dbc-bee3-e4f6e141c5c5&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__

Domain: usersync.gumgum.com
URL: https://usersync.gumgum.com/usersync?b=pln&i=PqLotr85ClUX&ev=1&pid=558355

Domain: pixel-us-east.rubiconproject.com
URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LJN2AYJ7-1O-357I

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=

Domain: tg.socdm.com
URL: https://tg.socdm.com/aux/idsync?proto=gumgum

Domain: cs.admanmedia.com
URL: https://cs.admanmedia.com/sync/gumgum?puid=e_cd44feb0-0a63-4dbc-bee3-e4f6e141c5c5&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---

Domain: creativecdn.com
URL: https://creativecdn.com/cm-notify?pi=gumgum&tc=1

Domain: d5p.de17a.com
URL: https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID

Domain: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0

Domain: a.audrte.com
URL: https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=3B957019-7A3E-4954-B7DF-6FC5AAA41020

Domain: c1.adform.net
URL: https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=

Domain: sync.targeting.unrulymedia.com
URL: https://sync.targeting.unrulymedia.com/csync/RX-599ec98c-8779-43cb-a537-ba2174de84e1-003?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fpartnerid%3D113%26partneruserid%3DRX-599ec98c-8779-43cb-a537-ba2174de84e1-003

Domain: rtb-csync.smartadserver.com
URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPPXgx8pcYbVsJT9C8ULWuk&gdpr=0&gdpr_consent=&google_cver=1

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.adnxs.com/	1970-01-20 15:09:36	Name: icu Value: ChgIvahBEAoYASABKAEwh-iLpQY4AUABSAEQh-iLpQYYAA..
.adnxs.com/	1970-01-20 15:09:36	Name: uuid2 Value: 8827646718600857853
.rubiconproject.com/	1970-01-20 21:45:36	Name: khaos Value: LJN2AYJ7-1O-357I
.rubiconproject.com/	1970-01-20 21:45:36	Name: audit Value: 1\|naVuGyos1qorMCgcN5+akLU1ZxogGjlwOA+xFj1I9sdpdF/86rQGbw8bK24aA/rwtjr9BQ320rtNK4vGyfbdaMxuhZpbWKLtKo1K0XDjsVm+xUA9sgf/4eNEKcfJxgEB
.criteo.com/	1970-01-20 22:21:36	Name: uid Value: d422ba12-e5a9-4708-b082-85dbc0e90edf
.wheregoes.com/	1970-01-20 22:21:36	Name: __gads Value: ID=b7df2a31d33b95c4:T=1688400903:RT=1688400903:S=ALNI_MZsm92cIcGHk5IcweaTtTwZCcU2uw
.wheregoes.com/	1970-01-20 22:21:36	Name: __gpi Value: UID=00000c36e60e5587:T=1688400903:RT=1688400903:S=ALNI_MYu_SyllCBU7uqH33xLUal3EU90Rg
.doubleclick.net/	1970-01-20 22:21:36	Name: IDE Value: AHWqTUmxgz7Zjas8WRtbYMnA-rqq3kP3Wa9Ejk8qZUmHsDXJk_5eR0YhUm4RaQ9aTbI
.bing.com/	1970-01-20 22:21:36	Name: MUID Value: 0D638076AFE66A013B309335AE206B0C
.yahoo.com/	1970-01-20 21:45:58	Name: A3 Value: d=AQABBAj0omQCEE9fkUCOXxFcMyrsKntL2JoFEgEBAQFFpGSsZAAAAAAA_eMAAA&S=AQAAAuO9_tHNYyobFTpMfTYXpKo
.linkedin.com/	1970-01-20 21:45:36	Name: bcookie Value: "v=2&00f92acc-cea9-4ef3-8c9e-bb2a6e227276"
.linkedin.com/	1970-01-20 17:19:12	Name: li_gc Value: MTswOzE2ODg0MDA5MDQ7MjswMjFwGwJwL7SmdxDFV8MhJXYweeFM2mmVg4NyQ4ZKLekWYA==
.linkedin.com/	1970-01-20 13:01:27	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2934:u=1:x=1:i=1688400904:t=1688487304:v=2:sig=AQEfVxEDHx5t5K8Apc6DxMh4VKx5lXvi"
.adnxs.com/	1970-01-20 15:09:36	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2C%sd]ugm!]tbPl@/D!9hy6]/CwiG/xF(s4!o'WfC5'N`p/Z-/02_>mt+98_9ZYhiTw]@4!?^`BgP.KuNRrYP(hw9P-HC_#tv/>+7PY.
match.sharethrough.com/	1970-01-20 13:10:05	Name: AWSALBCORS Value: qXDzqAy+YRJXR8F3rRlabJO4V8aKhAXaMfFXI8D9bb0Cyli/ESvoWbTqpEXIkmjdStQm9UXgH9Ar2+dnvi6uSkyCYSnYPYfxYXnGOFGlkYmYhpLWHyDoy6euNV3Z
.amazon-adsystem.com/	1970-01-20 22:36:00	Name: ad-privacy Value: 0
.bidswitch.net/	1970-01-20 21:45:36	Name: tuuid Value: d2bc6049-5834-49fd-8249-47cfd71c45a3
.bidswitch.net/	1970-01-20 21:45:36	Name: c Value: 1688400904
.bidswitch.net/	1970-01-20 21:45:36	Name: tuuid_lu Value: 1688400904
.media.net/	1970-01-20 21:45:36	Name: visitor-id Value: 3314025048280806000V10
.media.net/	1970-01-20 13:43:12	Name: data-c-ts Value: 1688400904
.media.net/	1970-01-20 13:43:12	Name: data-c Value: k-9pZGOgQ3-27fV-vRAxjtKO48xYuqZi5lfiIIkQ~~3
.id5-sync.com/	1970-01-20 13:00:01	Name: cf Value:
.id5-sync.com/	1970-01-20 13:00:01	Name: cip Value:
.id5-sync.com/	1970-01-20 13:00:01	Name: cnac Value:
.id5-sync.com/	1970-01-20 13:00:01	Name: car Value:
.id5-sync.com/	1970-01-20 13:00:01	Name: gdpr Value:
.id5-sync.com/	1970-01-20 13:00:01	Name: callback Value:
.casalemedia.com/	1970-01-20 21:45:36	Name: CMID Value: ZKL0CLN8Opt1bxypZZCBpgAA
.casalemedia.com/	1970-01-20 15:09:36	Name: CMPS Value: 1185
.casalemedia.com/	1970-01-20 15:09:36	Name: CMPRO Value: 1185
.demdex.net/	1970-01-20 17:19:12	Name: demdex Value: 56649278125437922252540675215175830291
.amazon-adsystem.com/	1970-01-20 19:33:08	Name: ad-id Value: Axp1hdOsrkubloZzkaVGCMo
.dpm.demdex.net/	1970-01-20 17:19:12	Name: dpm Value: 56649278125437922252540675215175830291
exchange.mediavine.com/	1970-01-20 13:20:10	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22c53ed740-19bc-11ee-ba76-45fb7b405363%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:20:10	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22c53ed740-19bc-11ee-ba76-45fb7b405363%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:20:10	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22c53ed740-19bc-11ee-ba76-45fb7b405363%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:20:10	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22c53ed740-19bc-11ee-ba76-45fb7b405363%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:20:10	Name: criteo Value: %7B%22id%22%3A%22k-BRsc5gQ3-27fV-vRAxjtKO48xYtKOIqIsknPUQ%22%2C%22version%22%3A%22criteo%22%7D
.pubmatic.com/	1970-01-20 13:43:12	Name: KRTBCOOKIE_97 Value: 3385-uid:k-NKdMNAQ3-27fV-vRAxjtKO48xYu9_pvyvj9l7A&KRTB&23144-uid:k-NKdMNAQ3-27fV-vRAxjtKO48xYu9_pvyvj9l7A&KRTB&23286-uid:k-NKdMNAQ3-27fV-vRAxjtKO48xYu9_pvyvj9l7A&KRTB&23287-uid:k-NKdMNAQ3-27fV-vRAxjtKO48xYu9_pvyvj9l7A
.pubmatic.com/	1970-01-20 13:43:12	Name: PugT Value: 1688400903
.360yield.com/	1970-01-20 15:09:36	Name: tuuid Value: 56d385ae-5d20-4063-bc09-8da9c72ffc5c
.360yield.com/	1970-01-20 15:09:36	Name: tuuid_lu Value: 1688400904
.360yield.com/	1970-01-20 15:09:36	Name: um Value: !38,K26d7zyvjck.mg5lApnGedFZ6xQCc61is-JWI5pa9zVNZXqjEEjxhMb71API31jJkxMNNyUg,1696176904
.360yield.com/	1970-01-20 15:09:36	Name: umeh Value: !38,0,1750608904,-1
.krxd.net/	1970-01-20 17:19:12	Name: _kuid_ Value: PpwVJDHf
.tremorhub.com/	1970-01-20 21:45:57	Name: tvid Value: b09d391bee2a4314b8ddbda961cffb63
.tremorhub.com/	1970-01-20 13:43:12	Name: tv_UICR Value: k-cJ9aZwQ3-27fV-vRAxjtKO48xYsDXkJlsAc6vQ
.wheregoes.com/	1970-01-20 22:21:36	Name: cto_bundle Value: tdVrRV9uNmUyaDB0OURxaWQxY0tzMkFWUXdtVXpmejUwU1Y0dk1zJTJCS1RjZ1NaM2dlOGhsQzVQayUyQkhOU3REUXkyekdIOVo1aEthJTJGSU94VGRFR3p1cXA3RXk1V0w0V0FmZU5mZCUyRkZEV1JYNUZGT01BSDB6ckFIUGF6JTJCbU45TGxLekdBT1I3ckRTdmx0dFNOYWI4cm1WVlAlMkJ5UlElM0QlM0Q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	(Line 1) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3B957019-7A3E-4954-B7DF-6FC5AAA41020&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7769e2148a7769880b77ea1600c416af.safeframe.googlesyndication.com
a.audrte.com
a.twiago.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.yieldlab.net
ads.eu.criteo.com
ads.pubmatic.com
ads.servenobid.com
adsdk.microsoft.com
adsdkprod.azureedge.net
adservice.google.com
ap.lijit.com
api.fouanalytics.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-ams3.rubiconproject.com
beacon.krxd.net
bidder.criteo.com
c1.adform.net
c21lg-d.media.net
cat.nl3.eu.criteo.com
cdn.adnxs.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn4.buysellads.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
criteo-partners.tremorhub.com
criteo-sync.teads.tv
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csm.eu.criteo.net
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
exchange.mediavine.com
fastlane.rubiconproject.com
fra1-ib.adnxs.com
g2.gumgum.com
gum.criteo.com
hb-api.omnitagjs.com
hbx.media.net
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
match.adsrvr.org
match.deepintent.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.thebrighttag.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
srv.buysellads.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.criteo.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync-tm.everesttech.net
sync.adkernel.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.omnitagjs.com
wheregoes.com
widget.nl3.eu.criteo.com
www.bing.com
www.google.com
www.googletagservices.com
x.bidswitch.net
a.audrte.com
b1sync.zemanta.com
c1.adform.net
creativecdn.com
cs.admanmedia.com
d5p.de17a.com
image6.pubmatic.com
match.deepintent.com
pixel-us-east.rubiconproject.com
rtb-csync.smartadserver.com
ssp.disqus.com
sync-tm.everesttech.net
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
usersync.gumgum.com
104.131.3.131
104.75.89.75
13.32.145.35
141.226.228.48
141.95.98.65
142.250.186.66
147.75.84.158
151.101.1.108
151.139.128.10
178.250.1.11
178.250.1.6
178.250.1.9
18.155.129.21
18.196.116.171
185.255.84.151
185.255.84.152
185.29.132.241
185.64.190.80
185.64.191.210
185.80.39.216
185.86.138.152
185.86.139.93
193.0.160.130
198.47.127.19
2.18.160.23
216.52.2.16
216.52.2.86
23.201.255.110
23.212.88.20
23.215.16.120
23.32.184.180
23.32.184.192
23.37.42.132
2600:1f18:612b:4264:77de:c90c:e766:ea27
2600:9000:20c3:1a00:1f:4c18:bd40:93a1
2600:9000:225b:2200:a:e047:753:be1
2602:803:c003:200::21
2602:803:c003:200::77
2606:2800:233:f76:14f7:d635:25c4:c8d7
2606:4700:10::6816:3456
2606:4700:3035::ac43:b70e
2606:4700::6811:190e
2606:4700:e6::ac40:c626
2620:1ec:21::14
2620:1ec:46::60
2a00:1450:4001:80b::2004
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::7
2a02:2638:3::c
2a02:2638:d::11
2a02:2638:d::2
2a02:26f0:480:22::1726:62db
2a04:4e42:400::485
2a05:d018:d29:3605:6ce8:f044:1eeb:8f7f
3.13.226.189
3.65.56.209
3.71.149.231
34.117.157.22
34.120.63.153
34.225.255.201
34.246.245.249
34.246.32.5
34.98.64.218
35.157.132.87
35.204.74.118
37.157.5.133
37.252.171.21
37.252.171.84
37.252.173.215
51.89.9.252
52.210.13.95
52.210.15.1
52.210.241.171
52.223.40.198
52.31.229.177
52.46.128.147
52.48.248.173
52.50.52.186
54.76.0.125
64.202.112.191
67.220.228.200
69.166.1.12
69.173.144.139
76.223.111.18
77.245.57.72
85.215.5.31
95.101.148.20
0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
0273c44e8eacfe524e0741d7fbd39bd1fa06ea68fd1cc7018bb6068ef369f24b
04aaf475011c4693ea16226034cd4cc394ed1dbe6bbd5d01547f5a2bb18bcc1c
062ca10ec916e26ab4051ac393c8a5219654f91886c22da18ac16ef926619573
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
107056ea90d27efb0e0266bf5cd1ae3b8257f1585851bda2a3201171b88bbab8
11854056d48286b01e5bcf2b635e9bc7e6326bbfa21e5126c7ea1ba63068eb66
19f4129c1cfc1a9fcb2e94b35853f3d2085c0807564e37971d1ccb6ef2a7e852
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
20d3e3cc1340e218d30035033398ccfe72086801df5dfc6fc53d36ec04965a75
20e74dbf3ee183f6fe1447dd7efef616905f78e10733e618dfd67f54c8a25ca8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
275a9b746fb8d1d3af274d8648380a2b1544ed0fdab4b412079943827b5bdbb0
28cf4451db0cbab1ee085e2c8db4a13eb339e98742dc44a6177c8a4c098188ad
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
363acc6dc931889c3a1125686830d84b7734a642957aebe2cde330c154cdf4d5
38a2237a984134eb2074dfd2f178119e22b880a8785f6aae49e158f2eba34c5c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e0f994b5e71faa54633f043e3fe08ff9084e6ed18c7d120e95d35f245f8415b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3ffdb4dd35b8047f89586c3e9a43992373e95a00625144e7327ccf67ebda1379
422ded8741cc19c66bf1088825ea4600e8e1c68f10faaa156c0ebe5c76825a21
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
465b2b9dbe62446b05480b0e71f9ccb3f36a86e30c83480f93c9d0ecc6200e2b
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b0af8fafe78654721c523dd1ab1f0a864d7a4c63912347e45e7e138e345958d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d5a6e08bb0e8edc55e4e204d4b98729de4e1ae37db44e357b1d28a9463dc215
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5c7face9ffa10c0836cfd29550f0a85393aeaaf5adf705323c0781887a050528
5e2cd92b9a992454225e3c1722d0ce8013d769ae793fabe276704c908e6055a1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63da5a8ef44c8b56cf1dd58484d8b15bfc77dbfdaccbf7dd43ef48c1a7dcde49
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67da2113f958c94d2970d06bdfec32194fd6879fc938ffb4fc23f8ae306016e9
6834ab0603575e588d4525d0962e30905f5f52e07e43c790e11e690802fea479
6ae2b5dceb7bc36744045aa7c9b63d355f7edf84e8c5970a41e00e06e00e3014
709bffc303ae80d5b101d98cad5d9f73e0ee99693901fb538bae78b3ca12996f
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
762dd40c4f33472766ba42adf45bbf82febb52170cd40cf184fa4e173beeafb7
76b8ed683e327426be09166ef349531980231f8e8960cbc2258737f24c112127
776b1cbba00a9a163150991fb7f0948ddc7d3dbe490623a77ec9aee4169fbd53
77b750f26652131965a758b5fc086e432c25fc09e7438354c1a10a7439b2be97
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b152b348cb50075a9ad6ad57d91bba40ceb50a0f158ae1c1689d67a0fd90286
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854728e3085c8e567946b3c5eef967d20566453a3f8fb292a5c1a40632e53443
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ab758e32437cf86d59e683d808940365c56bf6893f391a96d19e731b21bf154
8bfd21c272adc80071a614ebf5570173e685a612ab7f3b20b8e7f88c3161acda
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f245963a9c13cf8bda96cca45e8947de2d01523f68065b5e962a2a82fff586b
903112ee5969aacb2ffaef994afc9627793d4c6c45277523813b1f4d98ca4dcf
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
959b323d6d404b16646fff656d108c0ef6079419e6a5536ff04f24b69a706d67
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9965821386af88179fa401ee1d17fc6889c6379d80a9be2aa0257d44d9b745d4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a133236564608313dc4cd491c3d6bf05ce8037f72968ed1518da54d393ec3ab3
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a886406853ae917e4a665ca68763e1eb4d794d87ca59c050979c8be8a8331b1d
ae5488cdee6c86ae9f892d07dfa77b93f820e132a99dd1a719cbf909168706c7
af63107eccd5b95330077e53051d50509f31a48354a384488c3cb78798013583
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1bd947c620f6b1eb2b16a5d57721fdea31fa1be9c26ac965026485353a852a5
b2f37a5d48012b60d0912d3469d5d2e1557238e8b91695dbdfa4abf4519aae6e
b5f56ebd1c15c249468578fe108e7480c1a5c1a5a99db0e8a40ab9cad547c817
b67420924b61c974171ee199c51d6be942e783c61f0c197f79abeb78bc143fa3
b81c3c9e81cc2494394424db2bda6a98d5251e6e705b4d65112e2cc67f61004f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c72f57881ea9665da29cc614802f61a04084e06b14de9f1d79ce26273e66a991
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc1433dfe4cd0ca09c9c4b582281e016438a8bd293a00f7703ca30ffbd073475
cf71409607b155a60a82913496c9bc935e1a6e992aa81f4c9be20d79a78f3eb1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1f49ff32bb0a337c0ee4586abb29e10eeff04540357dfdd5c33dd3d13089ef9
d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2
d7ae309588831dec5a834a07283f67edf76959582ca86e10fdcd5943679f708a
de8279221cec92147e41e962754da2e9667fe862dc94f192566fa7bec3d11f11
df3679a077b6685ec2811a9606a6b736968ee09e64ae7b003886cf82dd1d1249
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40dd8af07ff517d9b4794e5440ea146fdd14732d472573e2f23e7a540c1a5c0
eb3e17c0f1b1c67c004211e61c5b1a416d53b308b9ac69b87a59c6ccbc751950
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efaed253f4365f956cbece72f62502666c04d92e03f6050d3192b0e0c597cf85
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39

wheregoes.com Open in urlscan Pro 2606:4700:3035::ac43:b70e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

232 Requests

73 %HTTPS

30 %IPv6

72 Domains

114 Subdomains

88 IPs

8 Countries

1505 kBTransfer

3664 kBSize

49 Cookies

1 Outgoing links

Redirected requests

232 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wheregoes.com Open in urlscan Pro
2606:4700:3035::ac43:b70e Public Scan

Screenshot
Live screenshot

Full Image

232
Requests

73 %
HTTPS

30 %
IPv6

72
Domains

114
Subdomains

88
IPs

8
Countries

1505 kB
Transfer

3664 kB
Size

49
Cookies

232 HTTP transactions
4 data transactions