wheregoes.com Open in urlscan Pro
2606:4700:3034::6815:240d  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

• https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain HTTP 302
• https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&dcc=t

Request Chain 50

• https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=297c550a

Request Chain 51

• https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D HTTP 307
• https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=93385684-a043-428c-8312-c6729f9ed2b9

Request Chain 52

• https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
• https://s.amazon-adsystem.com/ecm3?id=B381A3715D4F4CD0B7FD691D989947B2&ex=simpli.fi&status=ok

Request Chain 53

• https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3153873761454775000V10

Request Chain 54

• https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ HTTP 302
• https://stags.bluekai.com/site/23178?id=4x3EUfLeyr94gXw65OQ2&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPJUPAZUKVLGJRSXS4RZGRTVQ5ZWGVHVCMQ HTTP 302
• https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPJUPAZUKVLGJRSXS4RZGRTVQ5ZWGVHVCMQ HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=4x3EUfLeyr94gXw65OQ2

Request Chain 58

• https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1518522182241323064&gdpr=0&gdpr_consent=

Request Chain 59

• https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
• https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=170996ac622413e8&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHEny6oxkLagM4qAA_AAAAAAA&expiration=1672472176&is_secure=true

Request Chain 69

• https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=Y66U8AAH08VWUgAo HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y66U8AAH08VWUgAo&gdpr=0&gdpr_consent=&_test=Y66U8AAH08VWUgAo

Request Chain 71

• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ToOUVp6pSYO5MBMuO5fJiw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
• https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 73

• https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=4E839456-9EA9-4983-B930-132E3B97C98B HTTP 303
• https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=4E839456-9EA9-4983-B930-132E3B97C98B&_li_chk=true&previous_uuid=ba5941bf013d48ac9358a47d7b60e58a HTTP 303
• https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F75145%2F0%2Fb23f09698aa242b6a039e682c190ba8c%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&ba5941bf-013d-48ac-9358-a47d7b60e58a HTTP 302
• https://i.liadm.com/s/e/75145/0/b23f09698aa242b6a039e682c190ba8c?mpid=7156&muid=5f5863ae-94f1-4500-8708-c16bb9998cca

Request Chain 74

• https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=4E839456-9EA9-4983-B930-132E3B97C98B HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=4E839456-9EA9-4983-B930-132E3B97C98B HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f2505386-10d4-4775-8427-7bd10f7331c4%252C&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=fbf4e65c-93c4-4e8c-92f1-0aac950813d3&ttd_puid=f2505386-10d4-4775-8427-7bd10f7331c4%2C

Request Chain 75

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEU4Mzk0NTYtOUVBOS00OTgzLUI5MzAtMTMyRTNCOTdDOThC&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 76

• https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO0YThHsUNyq7-wJJqykM1I&google_cver=1

Request Chain 77

• https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
• https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B381A3715D4F4CD0B7FD691D989947B2

Request Chain 78

• https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7462143544599103430&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 79

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
• https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fbf4e65c-93c4-4e8c-92f1-0aac950813d3&gdpr=0&gdpr_consent=

Request Chain 82

• https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LCA7B84O-8-6Q82 HTTP 302
• https://s.amazon-adsystem.com/ecm3?id=LCA7B84O-8-6Q82&ex=d-rubiconproject.com&status=ok

Request Chain 83

• https://token.rubiconproject.com/token?pid=25470 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENBN0I4NE8tOC02UTgy

Request Chain 84

• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGqpdrx9-axB_WnwpcuFMGU&google_cver=1

Request Chain 85

• https://match.adsrvr.org/track/cmf/rubicon HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fbf4e65c-93c4-4e8c-92f1-0aac950813d3&gdpr=0&gdpr_consent=&expires=30

Request Chain 87

• https://token.rubiconproject.com/token?pid=36584 HTTP 302
• https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCA7B84O-8-6Q82

Request Chain 88

• https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
• https://pr-bh.ybp.yahoo.com/sync/rubicon/VPEH7xtL3xqa7m4r8vbS4Q?csrc= HTTP 302
• https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lGIh9O1E2oLjtOeWXS7eXNyV4Or3D9gG1Wz5AA--~A

Request Chain 89

• https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTMyNzJiODI2MjRkMGI0ZDMyNDFiNWU5MWEwYTEwNzM4MDgwNTk3OQ

Request Chain 90

• https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
• https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6kE9e-XGQ0Wf9GVGxukg9Q&rk=usync-na HTTP 302
• https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=6kE9e-XGQ0Wf9GVGxukg9Q

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response wheregoes.com/trace/20226096030/	15 KB 5 KB	7674ms 7616ms	Document text/html	2606:4700:3034::6815:240d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wheregoes.com/trace/20226096030/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f9d0313baef4e693fed6a930a16f86b409b5c1ff52ca77fc56a563065c1ccfe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 78191a497ff08c35-EWR content-encoding br content-type text/html; charset=UTF-8 date Fri, 30 Dec 2022 07:36:15 GMT fastcgi-cache MISS link <https://wheregoes.com/?p=19>; rel=shortlink nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGKPUKkaz3ZiyYmwNLS%2BLQXyVjQ7GI5HC0SXWf73v86szk%2FBtelbJ8lhvJtyvi05kf8vEmF5pbE3%2BoOs0VJbilJy062cIo1VniRIGUS3N0Bs7PstGw4cCqZk4qsah1yG3hDPjANxv6iWphhq"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	autoptimize_f9a1917a2417989b13ece1789c9a72fa.css wheregoes.com/c/cache/autoptimize/css/	234 KB 84 KB	32ms 29ms	Stylesheet text/css	2606:4700:3034::6815:240d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wheregoes.com/c/cache/autoptimize/css/autoptimize_f9a1917a2417989b13ece1789c9a72fa.css Requested by Host: wheregoes.com URL: https://wheregoes.com/trace/20226096030/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c73847f3cf5d4c6c1bbfbd8aecbe305ae6be9d8baa04c142d73ca20b35b826c3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/trace/20226096030/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:15 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1698789 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Sat, 10 Dec 2022 14:22:14 GMT server cloudflare etag W/"63949616-3a722" vary Accept-Encoding x-frame-options SAMEORIGIN content-type text/css report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6XC9gyM2Bx%2BOhc5EKwVK23WecKt9XI1TM5Rcv6XrCQZXOpYQ4gqZ5Uw1XhoqzMPyMJyZvtJf2qenCFIc%2F82UQ43%2FdDMfDvSnbfFXjxPHb5R8WRelYQEYKApMUL8amXV1u7RuCH%2FbMz%2FM22v"}],"group":"cf-nel","max_age":604800} cache-control max-age=31536000 cf-ray 78191a792d108c35-EWR expires Sun, 10 Dec 2023 14:22:30 GMT
GET H2	200	jquery.min.js Show response wheregoes.com/wp-includes/js/jquery/	88 KB 32 KB	58ms 57ms	Script application/javascript	2606:4700:3034::6815:240d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wheregoes.com/wp-includes/js/jquery/jquery.min.js?ver=202212300733 Requested by Host: wheregoes.com URL: https://wheregoes.com/trace/20226096030/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/trace/20226096030/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:15 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Wed, 09 Nov 2022 14:48:47 GMT server cloudflare etag W/"636bbdcf-15e54" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LIchKdIyvStg7ENHb9aDP3moF3JAnK0s%2FB3OOdcFHyFNrKazZfzdvm%2BmS1JPvLw9Q79A45jHckbDzbeSP7s52wLn6fylTP295%2Fyjhs41VqZwnxwiSXjsCglvT7I9eh0OMA5E%2BjlBhSyIqtLp"}],"group":"cf-nel","max_age":604800} cache-control max-age=31536000 cf-ray 78191a792d118c35-EWR expires Sat, 30 Dec 2023 07:00:16 GMT
GET H3	200	script.js Show response wheregoes.com/js/	1 KB 1 KB	30ms 30ms	Script application/javascript	2606:4700:3034::6815:240d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wheregoes.com/js/script.js Requested by Host: wheregoes.com URL: https://wheregoes.com/trace/20226096030/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/trace/20226096030/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cdn-edgestorageid 885 x-cache HIT cdn-cachedat 12/30/2022 06:25:42 cdn-pullzone 682664 cross-origin-resource-policy cross-origin application 10.0.0.6 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Fri, 30 Dec 2022 07:05:22 GMT cdn-proxyver 1.03 cdn-requestpullcode 200 server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcSw6c8BbLPLSVjpejDbBzALc5EP6Ud75zUjc3FpWCuLQ3XacDnom12E%2FqSNqSSs4F6mN0N3v%2BORa5GWhqtxoSA01EkQTCAGWShZ5QF7YVDMxCPbHG7LRAjaKkAGts41%2BXQv92rZ%2FA8zw4OB"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid 153cb5b1-399a-48ef-b5bf-098c03770254 cache-control public, max-age=14400 permissions-policy interest-cohort=() cdn-requestid efbc7b440e44bdd109f148f7f31c9845 cf-ray 78191a797fd18c1e-EWR cdn-requestcountrycode US cdn-status 200 cdn-requestpullsuccess True
GET H2	200	init-1144pc80p2fur20uadwq.js Show response api.fouanalytics.com/api/	456 B 873 B	156ms 103ms	Script text/javascript	2606:4700:e4::ac40:a921 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js Requested by Host: wheregoes.com URL: https://wheregoes.com/trace/20226096030/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a921 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5340faf088cf51f643dd493a3fa42a6813c4c136997d541c5bc175363f52bde0 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 30 Dec 2022 07:36:15 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GV9LEBhVgqi7ZPKs9TCvCnWRtYyUg5qnRV9bNTebAu1MWI%2BDEiGfQ03agHSYRw6Einijly8s8ODa2yIEeBSrfwzlwow545mr7GLvOHYsIFl9zXgD1O8CubmlukBUw43iPBKZCtd9E3X3shMD80MYMhJ30w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control private, no-cache, no-store, must-revalidate, max-age=0 cf-ray 78191a7a096a192a-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires 0
GET H2	200	wordmonetize.js Show response cdn-monetize.whatstheword.co/48/	122 KB 27 KB	128ms 22ms	Script application/octet-stream	2600:9000:2209:f400:3:206f:ff40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn-monetize.whatstheword.co/48/wordmonetize.js Requested by Host: wheregoes.com URL: https://wheregoes.com/trace/20226096030/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2209:f400:3:206f:ff40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 52f6d58c4a673b90ef3eab4bbd7f38dfe68e1674d504cf0b10e6a047fea2a709 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 29 Dec 2022 13:42:27 GMT content-encoding gzip via 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront) last-modified Wed, 07 Dec 2022 14:43:14 GMT server AmazonS3 x-amz-cf-pop EWR53-P1 age 64429 etag "1556426584f0df8cf5659ba799209435" vary Accept-Encoding x-cache Hit from cloudfront content-type application/octet-stream accept-ranges bytes content-length 27341 x-amz-cf-id yORV2VD6lUDkjYsPinXnuDKVsF-RKaoXzLbwK7VU3Zo8HAKeBYUkDQ==
GET H3	200	arrow-redirect-wheregoes.svg wheregoes.com/c/themes/custom-theme/img/	1 KB 1 KB	31ms 30ms	Image image/svg+xml	2606:4700:3034::6815:240d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wheregoes.com/c/themes/custom-theme/img/arrow-redirect-wheregoes.svg Requested by Host: wheregoes.com URL: https://wheregoes.com/trace/20226096030/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be0cd36c7aae81d58d929850be4471dcfdae950c9c90f99f1b43e5ed38f82dda Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/trace/20226096030/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:15 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4110989 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Sun, 11 Apr 2021 19:20:06 GMT server cloudflare etag W/"60734be6-448" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBmZ6JXxDmrpqTM8jBmEEgOv8ZOhCDMJViZhgfyDF0r43I6Xz0uDcWIiTUxuWW7RKTGWyGbmBgdDbcYdFGB0HNt3Hee7v41zr8Trrb6WprV2W49G6kOHvisid51zCH7KSSBHo6LpFBDFm6tM"}],"group":"cf-nel","max_age":604800} cache-control max-age=31536000 cf-ray 78191a79d8188c1e-EWR expires Wed, 20 Sep 2023 15:11:17 GMT
GET H3	200	autoptimize_cfcb0bc069d14757769d0ad7c7476cce.js Show response wheregoes.com/c/cache/autoptimize/js/	39 KB 13 KB	38ms 37ms	Script application/javascript	2606:4700:3034::6815:240d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wheregoes.com/c/cache/autoptimize/js/autoptimize_cfcb0bc069d14757769d0ad7c7476cce.js Requested by Host: wheregoes.com URL: https://wheregoes.com/trace/20226096030/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ae7958ce35b639652f65917de78325e8a716ba820bf9930521ee739b34c4165 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/trace/20226096030/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:15 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 1698789 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Sat, 10 Dec 2022 14:22:14 GMT server cloudflare etag W/"63949616-9aef" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3AFz7a1K%2FoabYGZ6sOId491y%2Ff%2FkCRTrz%2BRqcH4w563xxVf6yxNySijl8kfFnnSuwRaIKEa7zarbeawffwN1s%2FZO0VtJ3VnZzLrgWIcwrvInHtjFgyZ2x4fTgkDXOEDiFePao7uiQFj2k%2BC"}],"group":"cf-nel","max_age":604800} cache-control max-age=31536000 cf-ray 78191a79d8198c1e-EWR expires Sun, 10 Dec 2023 14:22:30 GMT
GET H3	200	wp-emoji-release.min.js Show response wheregoes.com/wp-includes/js/	18 KB 5 KB	56ms 55ms	Script application/javascript	2606:4700:3034::6815:240d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wheregoes.com/wp-includes/js/wp-emoji-release.min.js?ver=202212300733 Requested by Host: wheregoes.com URL: https://wheregoes.com/trace/20226096030/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/trace/20226096030/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:15 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Tue, 19 Jul 2022 19:09:17 GMT server cloudflare etag W/"62d7015d-48b9" vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQd3kiS5%2BH5%2BSDij5xXhR3c9rycZ1pF7nPoMQq5TCa8vIOqBtnitCrwYokw%2FGvsHMKzQHTTXcRo%2BtqaBgfaPUEhT%2Fkgv7XFXxgorWEmuT46Xf7CQSM3hC9Krf7BhLzZF3hhYMx78B7hZRNr%2F"}],"group":"cf-nel","max_age":604800} cache-control max-age=31536000 cf-ray 78191a79d81a8c1e-EWR expires Sat, 30 Dec 2023 07:00:16 GMT
GET H3	200	wheregoes.woff2 wheregoes.com/c/themes/custom-theme/fonts/	8 KB 8 KB	27ms 27ms	Font font/woff2	2606:4700:3034::6815:240d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wheregoes.com/c/themes/custom-theme/fonts/wheregoes.woff2?90359859 Requested by Host: wheregoes.com URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_f9a1917a2417989b13ece1789c9a72fa.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b Request headers Referer https://wheregoes.com/c/cache/autoptimize/css/autoptimize_f9a1917a2417989b13ece1789c9a72fa.css Origin https://wheregoes.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:15 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8693512 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 8024 last-modified Fri, 18 Jun 2021 18:52:37 GMT server cloudflare etag "60cceb75-1f58" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ans0n830YBEVfK5Ai6a0Ot5V7%2FA42sd78dcDjzGG65BNfx%2B89V4QmLvwSbU7iu32TYIgAspMvJE7QEYOn%2FkUF3QsSiHN8gpUUUJ9xE%2BZNcEpU7Iblbl1bppcCyxudk8JVs8d8afhpT%2FfGJZ%2F"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes cf-ray 78191a79d81b8c1e-EWR expires Wed, 20 Sep 2023 15:11:12 GMT
GET H3	200	logo-h-blue.svg wheregoes.com/c/themes/custom-theme/img/	15 KB 6 KB	34ms 34ms	Image image/svg+xml	2606:4700:3034::6815:240d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://wheregoes.com/c/themes/custom-theme/img/logo-h-blue.svg Requested by Host: wheregoes.com URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_f9a1917a2417989b13ece1789c9a72fa.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/c/cache/autoptimize/css/autoptimize_f9a1917a2417989b13ece1789c9a72fa.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:15 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 8695710 content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-xss-protection 1; mode=block last-modified Sun, 11 Apr 2021 19:20:03 GMT server cloudflare etag W/"60734be3-3afa" vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BM%2FJ5M07XNWr2efr1vHzCRWZTbcBY0FvMV8kjmTKQw9t%2BgK2nra6WSVSpqG%2FvzidxgAHbphUsPEky9NfP5zeGH3ixWZN1EhgJAOAlVTMxBwfcs7W%2F6DqkgMGvapEEK%2Br4O%2Fc4TAz0Mf68ts9"}],"group":"cf-nel","max_age":604800} cache-control max-age=31536000 cf-ray 78191a7a18538c1e-EWR expires Wed, 20 Sep 2023 15:11:12 GMT
POST H3	202	event Show response wheregoes.com/api/	2 B 796 B	173ms 173ms	XHR text/plain	2606:4700:3034::6815:240d CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://wheregoes.com/api/event Requested by Host: wheregoes.com URL: https://wheregoes.com/js/script.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://wheregoes.com/trace/20226096030/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers date Fri, 30 Dec 2022 07:36:15 GMT strict-transport-security max-age=31536000; includeSubDomains cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cdn-edgestorageid 885 cdn-cachedat 12/30/2022 07:36:15 cdn-pullzone 682664 application 10.0.1.2 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 2 x-request-id FzWCAJvw7rWJv__reAmB cdn-proxyver 1.03 cdn-requestpullcode 202 server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8tzy8M4oxZ4i%2Fx1cJxlb97PuSq4KPK9lSF%2FSWeq6SFWGEBIlBFWTguXg2IvghB3Y%2BTUrnJlf6fJ8Qp8UFixAk687BbZLhFBa7cBh3rE3%2FOywOLnn66f8kScEWaX2Y3wgl7Z7gokkj7l9q6K"}],"group":"cf-nel","max_age":604800} content-type text/plain; charset=utf-8 access-control-allow-origin * cdn-uid 153cb5b1-399a-48ef-b5bf-098c03770254 cache-control must-revalidate, max-age=0, private access-control-allow-credentials true permissions-policy interest-cohort=() cdn-requestid 4096e117954c642b600b82c55799acb5 cf-ray 78191a7a28688c1e-EWR cdn-requestcountrycode US cdn-status 202 cdn-requestpullsuccess True
GET H2	200	1f36a.svg s.w.org/images/core/emoji/14.0.0/svg/	2 KB 1 KB	59ms 16ms	Image image/svg+xml	192.0.77.48 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL https://s.w.org/images/core/emoji/14.0.0/svg/1f36a.svg Requested by Host: wheregoes.com URL: https://wheregoes.com/trace/20226096030/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US), Reverse DNS s.w.org Software nginx / Resource Hash 88724da3173eaf855fc8b8094480d1d923f69c420107501da8d40b503163bcf2 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-nc HIT yyz 1 date Fri, 30 Dec 2022 07:36:15 GMT content-encoding br x-content-type-options nosniff last-modified Tue, 12 Apr 2022 03:47:50 GMT server nginx vary Accept-Encoding x-frame-options SAMEORIGIN content-type image/svg+xml access-control-allow-origin * access-control-allow-methods GET, HEAD cache-control max-age=315360000 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	80 KB 27 KB	129ms 71ms	Script text/javascript	2607:f8b0:4006:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: cdn-monetize.whatstheword.co URL: https://cdn-monetize.whatstheword.co/48/wordmonetize.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5ce1b8b6bc9ae8900b96861eb134e6b4db73075cff0e8e3a230327d75cdbe18 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:15 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27539 x-xss-protection 0 server sffe etag "1436 / 107 of 1000 / last-modified: 1670587517" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 30 Dec 2022 07:36:15 GMT
GET H2	200	apstag.js Show response c.amazon-adsystem.com/aax2/	178 KB 45 KB	82ms 20ms	Script application/javascript	143.204.144.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/aax2/apstag.js Requested by Host: cdn-monetize.whatstheword.co URL: https://cdn-monetize.whatstheword.co/48/wordmonetize.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.144.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-144-76.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash 2db364591994c4fb2da18489bf8d4547fac6f633bcea1169e7c68519b47109ff Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 06:59:54 GMT content-encoding gzip via 1.1 68d323cfd4a0f1ae252f92c083654190.cloudfront.net (CloudFront), 1.1 71f2fed44216f4391ecbb693ee450dce.cloudfront.net (CloudFront) last-modified Thu, 22 Dec 2022 18:13:57 GMT server AmazonS3 x-amz-cf-pop IAD89-P2, EWR52-C2 age 2182 x-amz-server-side-encryption AES256 etag W/"b2496fcafcf1daf6223aefe99a0cf048" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control public, max-age=3600 x-amz-cf-id kzGzXZy8xg-WaMEUs6WwsQ7s2qXADahf50i5b1EbUTsJ17VmgDp4qQ==
GET H2	200	a.js Show response p.adlooxtracking.com/gpt/	8 KB 4 KB	49ms 12ms	Script text/javascript	34.107.231.31 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://p.adlooxtracking.com/gpt/a.js Requested by Host: cdn-monetize.whatstheword.co URL: https://cdn-monetize.whatstheword.co/48/wordmonetize.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 31.231.107.34.bc.googleusercontent.com Software nginx / Resource Hash 7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:18:32 GMT content-encoding gzip x-content-type-options nosniff via 1.1 google server nginx age 1063 etag W/"81c857a6c52da1ca7444f198bd33b2ea" last-modified Tue, 22 Nov 2022 17:41:01 GMT vary Accept-Encoding content-type text/javascript cache-control public,max-age=3600 timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3703
GET H2	200	feedback Show response api-v1.wordmonetize.com/v1/api/	21 B 124 B	245ms 77ms	XHR application/json	54.177.99.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v1.wordmonetize.com/v1/api/feedback?data=eyJicm93c2VyTmFtZSI6IkNocm9tZSIsImRldmljZU5hbWUiOiJkZXNrdG9wIiwib3MiOiJXaW5kb3dzIiwicGFja2V0SWQiOiJjbGNhN2I3OXYwMDAwM2M2YzRrZjhmcmQxIiwic2l0ZUlkIjo0OCwicGFnZVVSTCI6Imh0dHBzOi8vd2hlcmVnb2VzLmNvbS90cmFjZS8yMDIyNjA5NjAzMC8iLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJyZWZlcnJlciI6IiIsInNpdGVEb21haW4iOiJ3aGVyZWdvZXMuY29tIiwiZXZlbnRUeXBlIjoicGFnZXZpZXciLCJpc0Jsb2NrTGlzdGVkIjpmYWxzZX0= Requested by Host: cdn-monetize.whatstheword.co URL: https://cdn-monetize.whatstheword.co/48/wordmonetize.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.177.99.232 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-177-99-232.us-west-1.compute.amazonaws.com Software / Resource Hash 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-origin * date Fri, 30 Dec 2022 07:36:15 GMT content-length 21 content-type application/json; charset=utf-8
GET H3	200	pp.js Show response api.fouanalytics.com/s/	15 KB 6 KB	51ms 25ms	Script text/javascript	2606:4700:e4::ac40:a921 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.fouanalytics.com/s/pp.js Requested by Host: wheregoes.com URL: https://wheregoes.com/trace/20226096030/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e4::ac40:a921 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6a9f3c83892833387d92f857563b6f3cfdee0277cbc648a932a2718e000e9e42 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:15 GMT content-encoding br cf-cache-status HIT last-modified Tue, 18 Oct 2022 14:09:14 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4185 etag W/"634eb38a-3bc0" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BIA%2BnKlyMrr8VEBMak2QhkLNpRvXDpoF3BWESX0lnKVKFufbHRqoatdhJ4UuS7DMiZ9t1uagZJAtcPGhDsFE5u2Qs7LabEtE46e8CxpouCC3dOvQDpNtoFWuDmtwyotmJdi8tBhBJsvHifdybjs%2FcH%2F3w%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cf-ray 78191a7addb39e1c-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	feedback Show response api-v1.wordmonetize.com/v1/api/	21 B 124 B	276ms 150ms	XHR application/json	54.177.99.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v1.wordmonetize.com/v1/api/feedback?data=eyJwYWNrZXRJZCI6ImNsY2E3Yjc5djAwMDAzYzZjNGtmOGZyZDEiLCJzaXRlSWQiOjQ4LCJicm93c2VyIjoiQ2hyb21lIiwib3MiOiJXaW5kb3dzIiwicGxhdGZvcm0iOiJERVNLVE9QIiwidHlwZSI6ImxlYWRlcmJvYXJkIiwid2lkdGgiOm51bGwsImhlaWdodCI6bnVsbCwiaXNSZW5kZXJlZCI6dHJ1ZSwiZXZlbnRUeXBlIjoiYWRyZXF1ZXN0In0= Requested by Host: cdn-monetize.whatstheword.co URL: https://cdn-monetize.whatstheword.co/48/wordmonetize.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.177.99.232 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-177-99-232.us-west-1.compute.amazonaws.com Software / Resource Hash 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-origin * date Fri, 30 Dec 2022 07:36:15 GMT content-length 21 content-type application/json; charset=utf-8
GET H2	200	feedback Show response api-v1.wordmonetize.com/v1/api/	21 B 125 B	197ms 76ms	XHR application/json	54.177.99.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v1.wordmonetize.com/v1/api/feedback?data=eyJwYWNrZXRJZCI6ImNsY2E3Yjc5djAwMDAzYzZjNGtmOGZyZDEiLCJzaXRlSWQiOjQ4LCJicm93c2VyIjoiQ2hyb21lIiwib3MiOiJXaW5kb3dzIiwicGxhdGZvcm0iOiJERVNLVE9QIiwidHlwZSI6ImxlYWRlcmJvYXJkIiwid2lkdGgiOm51bGwsImhlaWdodCI6bnVsbCwiaXNSZW5kZXJlZCI6dHJ1ZSwiZXZlbnRUeXBlIjoiYWRyZXF1ZXN0In0= Requested by Host: cdn-monetize.whatstheword.co URL: https://cdn-monetize.whatstheword.co/48/wordmonetize.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.177.99.232 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-177-99-232.us-west-1.compute.amazonaws.com Software / Resource Hash 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-origin * date Fri, 30 Dec 2022 07:36:15 GMT content-length 21 content-type application/json; charset=utf-8
GET H2	200	feedback Show response api-v1.wordmonetize.com/v1/api/	21 B 124 B	197ms 79ms	XHR application/json	54.177.99.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v1.wordmonetize.com/v1/api/feedback?data=eyJwYWNrZXRJZCI6ImNsY2E3Yjc5djAwMDAzYzZjNGtmOGZyZDEiLCJzaXRlSWQiOjQ4LCJicm93c2VyIjoiQ2hyb21lIiwib3MiOiJXaW5kb3dzIiwicGxhdGZvcm0iOiJERVNLVE9QIiwidHlwZSI6InNkcy1zaWRlYmFyIiwid2lkdGgiOm51bGwsImhlaWdodCI6bnVsbCwiaXNSZW5kZXJlZCI6dHJ1ZSwiZXZlbnRUeXBlIjoiYWRyZXF1ZXN0In0= Requested by Host: cdn-monetize.whatstheword.co URL: https://cdn-monetize.whatstheword.co/48/wordmonetize.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.177.99.232 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-177-99-232.us-west-1.compute.amazonaws.com Software / Resource Hash 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-origin * date Fri, 30 Dec 2022 07:36:15 GMT content-length 21 content-type application/json; charset=utf-8
GET H2	200	feedback Show response api-v1.wordmonetize.com/v1/api/	21 B 124 B	195ms 78ms	XHR application/json	54.177.99.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v1.wordmonetize.com/v1/api/feedback?data=eyJwYWNrZXRJZCI6ImNsY2E3Yjc5djAwMDAzYzZjNGtmOGZyZDEiLCJzaXRlSWQiOjQ4LCJicm93c2VyIjoiQ2hyb21lIiwib3MiOiJXaW5kb3dzIiwicGxhdGZvcm0iOiJERVNLVE9QIiwidHlwZSI6ImF0Zi1zaWRlYmFyIiwid2lkdGgiOm51bGwsImhlaWdodCI6bnVsbCwiaXNSZW5kZXJlZCI6dHJ1ZSwiZXZlbnRUeXBlIjoiYWRyZXF1ZXN0In0= Requested by Host: cdn-monetize.whatstheword.co URL: https://cdn-monetize.whatstheword.co/48/wordmonetize.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.177.99.232 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-177-99-232.us-west-1.compute.amazonaws.com Software / Resource Hash 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-origin * date Fri, 30 Dec 2022 07:36:15 GMT content-length 21 content-type application/json; charset=utf-8
GET DATA	200 OK	truncated /	15 KB 15 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c72f57881ea9665da29cc614802f61a04084e06b14de9f1d79ce26273e66a991 Request headers Referer Origin https://wheregoes.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type application/x-font-woff;charset=utf-8
GET H2	200	config Show response c.amazon-adsystem.com/cdn/prod/	385 B 732 B	32ms 31ms	XHR application/json	143.204.144.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwheregoes.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772 Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.144.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-144-76.ewr52.r.cloudfront.net Software Server / Resource Hash 17c1a65dfc520d641ac19f90acbbb439bd737a4e0bfbbffad3733203abe9280e Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:15 GMT via 1.1 71f2fed44216f4391ecbb693ee450dce.cloudfront.net (CloudFront) server Server x-amz-cf-pop EWR52-C2 x-cache Miss from cloudfront content-type application/json;charset=UTF-8 access-control-allow-origin https://wheregoes.com cache-control max-age=21550, s-maxage=21600 access-control-allow-credentials true content-length 385 x-amz-cf-id U3D2FXMb7Emit0YbT2Z0sjtwdd0HMaGiwbQTTigTB0hFys4kSNHckA==
GET H2	200	aps_csm.js Show response c.amazon-adsystem.com/bao-csm/aps-comm/	6 KB 3 KB	59ms 20ms	XHR application/javascript	143.204.144.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.144.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-144-76.ewr52.r.cloudfront.net Software AmazonS3 / Resource Hash 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 29 Dec 2022 23:08:40 GMT x-amz-version-id 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn content-encoding gzip via 1.1 81834769243dfd27a095a32cf5b86722.cloudfront.net (CloudFront) x-amz-cf-pop EWR52-C2 age 30457 x-cache Hit from cloudfront last-modified Fri, 23 Dec 2022 01:05:48 GMT server AmazonS3 etag W/"a4d296427fc806b21335359e398c025c" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control public, max-age=86400 vary Accept-Encoding,Origin x-amz-cf-id DTSqDuclcG0i_pxD4jg1UhPFROrFu_mogcdTgFTZBk8OdyozWlxjWQ==
GET H3	200	pubads_impl_2022120501.js Show response securepubads.g.doubleclick.net/gpt/	380 KB 129 KB	61ms 19ms	Script text/javascript	2607:f8b0:4006:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Thu, 29 Dec 2022 21:42:46 GMT content-encoding gzip x-content-type-options nosniff age 35610 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131905 x-xss-protection 0 last-modified Mon, 05 Dec 2022 09:36:10 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Fri, 29 Dec 2023 21:42:46 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	98 B 91 B	75ms 35ms	XHR application/json	2607:f8b0:4006:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wheregoes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 900f497e7f3b62505bcc6316973c7c359c52f3f1f43796a16f71f88c24d7da67 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 66 x-xss-protection 0 expires Fri, 30 Dec 2022 07:36:16 GMT
GET H2	200	id5-api.js Show response cdn.id5-sync.com/api/1.0/	57 KB 17 KB	60ms 21ms	Script text/javascript	2606:4700:10::6816:3456 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.id5-sync.com/api/1.0/id5-api.js Requested by Host: wheregoes.com URL: https://wheregoes.com/trace/20226096030/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT strict-transport-security max-age=15552000; includeSubDomains; preload content-encoding gzip cf-cache-status HIT last-modified Thu, 24 Nov 2022 12:48:29 GMT server cloudflare x-amz-request-id QSVXD5NDHZD0NQ2Q age 3266 etag W/"9ee82d693d1e83b3a37ee20226716f78" x-amz-server-side-encryption AES256 vary Accept-Encoding content-type text/javascript;charset=utf-8 cache-control public, max-age=3600 cf-ray 78191a7c58594bb8-YUL x-amz-id-2 mKtZFL+Fe2mfs+vxMsGeBu0gjZ/Y58/UH0M+JD7mDQmdICFMSmvJCeZaOxoTyB051UOnJEi1lnk=
GET H/1.1	200	v1 Show response lb.eu-1-id5-sync.com/lb/	33 B 400 B	319ms 98ms	XHR application/json	141.95.98.65 OVH
General Check archive.org Show headers Download Go to Full URL https://lb.eu-1-id5-sync.com/lb/v1 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 141.95.98.65 , France, ASN16276 (OVH, FR), Reverse DNS ns3216659.ip-141-95-98.eu Software / Resource Hash 0c22dc4a38be720143f13fb80474c2f66bd39295af8f603e990ecdd62d54cef6 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://wheregoes.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://wheregoes.com date Fri, 30 Dec 2022 07:36:16 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8
GET H/1.1	200 OK	v1 Show response lbs.eu-1-id5-sync.com/lbs/	54 B 228 B	299ms 95ms	XHR application/json	2001:41d0:701:1000::31d2 OVH
General Check archive.org Show headers Download Go to Full URL https://lbs.eu-1-id5-sync.com/lbs/v1 Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 16aace5b0a1a774628c07bf2d4a4a8a23ee2ba6128408b00bba5dc48f7e578e8 Request headers Referer https://wheregoes.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://wheregoes.com date Fri, 30 Dec 2022 07:36:16 GMT content-length 54 vary Origin content-type application/json
GET H2	200	bid Show response aax-dtb-cf.amazon-adsystem.com/e/dtb/	166 B 604 B	213ms 137ms	XHR text/javascript	108.138.124.226 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20226096030%2F&pid=oVBdSSYJAV5PK&cb=0&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22leaderboard-71900253%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21751243814%2C22591626215%2FWM_PUB_wheregoes.com%2FWM_PUB_wheregoes.com_Leaderboard%22%7D%5D&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.124.226 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-124-226.jfk50.r.cloudfront.net Software Server / Resource Hash 1f4a64ee8e495e7cff9ea6fd6140c8ac44c9389084db1ff38dbaca10d79c3825 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 41c6f8f93eca2f7c81a04a82e2d6ae92.cloudfront.net (CloudFront) server Server x-amz-cf-pop JFK50-P4 x-amz-rid 032JX86RGDBWQ7DNQVZB vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://wheregoes.com access-control-allow-credentials true timing-allow-origin * content-length 166 x-amz-cf-id UVvB4jYbcEfUX_LHjCVA8RrzvDQt7mkEopzU3e55xBXLZ4JpOjz7OA==
GET H2	200	bid Show response aax-dtb-cf.amazon-adsystem.com/e/dtb/	166 B 604 B	193ms 124ms	XHR text/javascript	108.138.124.226 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20226096030%2F&pid=oVBdSSYJAV5PK&cb=1&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22leaderboard-67560927%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21751243814%2C22591626215%2FWM_PUB_wheregoes.com%2FWM_PUB_wheregoes.com_Leaderboard%22%7D%5D&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.124.226 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-124-226.jfk50.r.cloudfront.net Software Server / Resource Hash 9616f0a7b4d34627220be5f579c8ca2e89e2ebf39996f6d841d56414d6f19334 Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 41c6f8f93eca2f7c81a04a82e2d6ae92.cloudfront.net (CloudFront) server Server x-amz-cf-pop JFK50-P4 x-amz-rid JMWTQ9C244RWNYH67PPV vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://wheregoes.com access-control-allow-credentials true timing-allow-origin * content-length 166 x-amz-cf-id QRSnkgJjHUinZLGkGmVwcsGpS3GmiIq1hARfDGeCmdSvvtRrPmm-9Q==
GET H2	200	bid Show response aax-dtb-cf.amazon-adsystem.com/e/dtb/	166 B 603 B	189ms 126ms	XHR text/javascript	108.138.124.226 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20226096030%2F&pid=oVBdSSYJAV5PK&cb=2&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22alc-sds%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F21751243814%2C22591626215%2FWM_PUB_wheregoes.com%2FWM_PUB_wheregoes.com_StickyDockedSidebar%22%7D%5D&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.124.226 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-124-226.jfk50.r.cloudfront.net Software Server / Resource Hash 2c9a1f399563d4fd4ade83f94ecbe2e29ce5bc71ede53e6dc894fec25002f97c Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 41c6f8f93eca2f7c81a04a82e2d6ae92.cloudfront.net (CloudFront) server Server x-amz-cf-pop JFK50-P4 x-amz-rid W4GKJBMH4SFZCH68BQBQ vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://wheregoes.com access-control-allow-credentials true timing-allow-origin * content-length 166 x-amz-cf-id Om13dtyG_VA3wiOWcHkdsPF5Io-sfA9coZ8Az7zy9v1HuD_ujV5ggQ==
GET H2	200	bid Show response aax-dtb-cf.amazon-adsystem.com/e/dtb/	166 B 603 B	196ms 137ms	XHR text/javascript	108.138.124.226 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20226096030%2F&pid=oVBdSSYJAV5PK&cb=3&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22alc-atfs%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F21751243814%2C22591626215%2FWM_PUB_wheregoes.com%2FWM_PUB_wheregoes.com_ATFSidebar%22%7D%5D&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.138.124.226 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-124-226.jfk50.r.cloudfront.net Software Server / Resource Hash 71d03cdbc843a8d7b402c32987e4218a41653a300d73badc76e0c6181f18ebca Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT strict-transport-security max-age=47474747; includeSubDomains; preload via 1.1 41c6f8f93eca2f7c81a04a82e2d6ae92.cloudfront.net (CloudFront) server Server x-amz-cf-pop JFK50-P4 x-amz-rid VEC5YBRCYGK8V1T79JBE vary Accept-Encoding,User-Agent x-cache Miss from cloudfront content-type text/javascript;charset=UTF-8 access-control-allow-origin https://wheregoes.com access-control-allow-credentials true timing-allow-origin * content-length 166 x-amz-cf-id UgH_XPF4cLcBsGx3fBgYDjq_xjkPA9Lgi8k3Zp96uO075KafRHFvRg==
POST H3	200	x Show response api.fouanalytics.com/api/	0 457 B	132ms 111ms	XHR text/plain	2606:4700:e4::ac40:a921 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.fouanalytics.com/api/x?EhlEISaHqaxVQ1BE$dXJsJDAkaHR0cHM6Ly93aGVyZWdvZXMuY29tL3RyYWNlLzIwMjI2MDk2MDMwLyIsInJlZmVycmVyJDAkIiwiYW5jZXN0b3JPcmlnaW5zJDAkIiwidmlkZW8kMCQxNjAweDEyMDB4MjQiLCJmcmFtZSQwJDAiLCJoaWRkZW4kMCQwIiwidmlzaWJpbGl0eVN0YXRlJDAkdmlzaWJsZSIsImhhc0ZvY3VzJDAkMSIsIndpbmRvdyQwJDE2MDB4MTIwMCIsInBpeGVscmF0aW8kMCQxIiwiaW5uZXIkMCQxNjAweDEyMDAiLCJvdXRlciQwJDE2MDB4MTIwMCIsImxvY2FsU3RvcmFnZSQxJDEiLCJzZXNzaW9uU3RvcmFnZSQxJDEiLCJhcHBDb2RlTmFtZSQxJE1vemlsbGEiLCJhcHBOYW1lJDEkTmV0c2NhcGUiLCJhcHBWZXJzaW9uJDEkNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDguMC41MzU5LjEyNCBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQxJHRydWUiLCJkZXZpY2VNZW1vcnkkMSQ4IiwiZG9Ob3RUcmFjayQxJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMSQ0IiwibGFuZ3VhZ2UkMSRlbi1VUyIsInBsYXRmb3JtJDEkV2luMzIiLCJwcm9kdWN0JDEkR2Vja28iLCJwcm9kdWN0U3ViJDEkMjAwMzAxMDciLCJ1c2VyQWdlbnQkMSRNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA4LjAuNTM1OS4xMjQgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQxJEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDEkIiwid2ViZHJpdmVyJDEkZmFsc2UiLCJuYXZpZ2F0b3ItaGFzaCQ4JDI5ZTQxODZkIiwibmF2aWdhdG9yLXRpbWUkOCQ2LjIiLCJzZW5kQmVhY29uJDgkMSIsImZvbnRyZW5kZXIkOCQxIiwidGltZSQ4JDE2NzIzODU3NzU4NDUiLCJ0aW1lem9uZSQ5JDAiLCJwbHVnaW5zLXRpbWUkOSQwLjIiLCJwbHVnaW5zJDkkYjZkMDU1NTgiLCJtZW0tdG90YWxKU0hlYXBTaXplJDkkMTAiLCJtZW0tdXNlZEpTSGVhcFNpemUkOSQxMCIsIm1lbS1qc0hlYXBTaXplTGltaXQkOSQzNzYwIiwidGltZS1kb21haW5Mb29rdXBTdGFydCQ5JDIiLCJ0aW1lLWRvbWFpbkxvb2t1cEVuZCQ5JDE0IiwidGltZS1jb25uZWN0U3RhcnQkOSQxNCIsInRpbWUtY29ubmVjdEVuZCQ5JDU5IiwidGltZS1zZWN1cmVDb25uZWN0aW9uU3RhcnQkOSQzMSIsInRpbWUtcmVxdWVzdFN0YXJ0JDkkNTkiLCJ0aW1lLXJlc3BvbnNlU3RhcnQkOSQ3Njc1IiwidGltZS1yZXNwb25zZUVuZCQ5JDc2NzYiLCJ0aW1lLWRvbUxvYWRpbmckOSQ3Njc5IiwidGltZS1kb21JbnRlcmFjdGl2ZSQ5JDc4NDIiLCJ0aW1lLWRvbUNvbnRlbnRMb2FkZWRFdmVudFN0YXJ0JDkkNzg1NiIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50RW5kJDkkNzg1NiIsIm5hdmlnYXRpb24tcmVkaXJlY3RDb3VudCQxMCQwIiwibmF2aWdhdGlvbi10eXBlJDEwJG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDMxJDAiLCJnbG9iYWxzJDMyJDczNWYxMGM4IiwiZG9jdW1lbnQtdGltZSQ0MiQwIiwiZG9jdW1lbnQkNDMkNDdjMDc0NGQiLCJjb25uZWN0aW9uJDQzJCIsImRvd25saW5rTWF4JDQzJCIsImdldFVzZXJNZWRpYSQ0MyQyIiwicGFnZS1mcmFtZS1jb3VudCQ0NCQwIiwicGFnZS1oYXNoLXRpbWUkNDUkMC41IiwicGFnZS1oYXNoJDQ1JGQ5MzM3ZDRlIiwiZm9udCQ2MiQxMDAwMDAwIiwic3R5bGUtaGFzaCQ2MyQ4Y2I2YjJjYyIsInN0eWxlLXRpbWUkNjMkMSIsImF1ZGlvLWNvZGVjJDY0JDIyMjEyIiwidmlkZW8tY29kZWMkNjQkMjIyMDAwIiwiY2xvY2skNzQkMTI4MSIsInNvcnQkOTgkMjQuNyIsInN0YWNrJDEwMiQxMzk1NyIsInN0YWNrLWVycm9yJDEwMiRSYW5nZUVycm9yOiBNYXhpbXVtIGNhbGwgc3RhY2sgc2l6ZSBleGNlZWRlZCIsInN0YWNrLXRpbWUkMTAyJDMiLCJ3ZWJnbCQxMTEkMSIsIndlYmdsMiQxMTEkMSIsIndlYmdsLXZlbmRvciQxMTEkSW50ZWwgSW5jLiIsIndlYmdsLXJlbmRlcmVyJDExMSRJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJ3ZWJnbC1leHRlbnNpb25zJDExMSQ0NDk1Mzk2NSIsIndlYmdsLXRpbWUkMTExJDkuMyIsInBlcm1pc3Npb24tZ2VvbG9jYXRpb24kMTE5JHByb21wdCIsImJhdHRlcnkkMTE5JDEgMSAwIEluZmluaXR5IiwiYXVkaW9jb250ZXh0JDEyNCRmN2U3MTJkOSIsImF1ZGlvY29udGV4dC10aW1lJDEyNCQ1NS43IiwiaW50ZXJzZWN0aW9uLXNpemUkMTI1JDE2MDB4MTIwMCIsImludGVyc2VjdGlvbi1lbnRlciQxMjUkMHgwIDE2MDB4MTIwMCIsImludGVyc2VjdGlvbiQxMjUkNTEiLCJwZXJtaXNzaW9uLW5vdGlmaWNhdGlvbnMkMTI2JHByb21wdCIsInBlcm1pc3Npb24tY2FtZXJhJDEyNiRwcm9tcHQiLCJwZXJtaXNzaW9uLW1pY3JvcGhvbmUkMTI2JHByb21wdCIsInBlcm1pc3Npb24tcGVyc2lzdGVudC1zdG9yYWdlJDEyNiRwcm9tcHQiLCJhZGJsb2NrJDE2NCQwIiwiZnJhbWVyYXRlJDE3OSQ2MA~~ Requested by Host: api.fouanalytics.com URL: https://api.fouanalytics.com/s/pp.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e4::ac40:a921 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-allow-methods * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oqixWGdIcFJKVfvGFAsnlnmhyvE5BcFpkcgs3GZA0P1AUxl1Z66%2Filj5Eed1zTSEjWJ2%2ByTBtrAVPcpUCD01W1bx6%2Bj8Kv%2FBCQtPgdXR901rMiA610OOf8U4gSHTyg%2BDpFb4quw0emNo25KEl8mCJpGNwQ%3D%3D"}],"group":"cf-nel","max_age":604800} access-control-allow-origin * cf-ray 78191a7d7a7e19df-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H3	200	q Show response p.adlooxtracking.com/	67 B 89 B	71ms 47ms	XHR application/json	34.107.231.31 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://p.adlooxtracking.com/q?v=gpt-92559af&c=636&t=1520&p=328&pn=%2Ftrace%2F20226096030%2F&s=%2F21751243814%2C22591626215%2FWM_PUB_wheregoes.com%2FWM_PUB_wheregoes.com_Leaderboard%09leaderboard-71900253&s=%2F21751243814%2C22591626215%2FWM_PUB_wheregoes.com%2FWM_PUB_wheregoes.com_Leaderboard%09leaderboard-67560927&s=%2F21751243814%2C22591626215%2FWM_PUB_wheregoes.com%2FWM_PUB_wheregoes.com_StickyDockedSidebar%09alc-sds&s=%2F21751243814%2C22591626215%2FWM_PUB_wheregoes.com%2FWM_PUB_wheregoes.com_ATFSidebar%09alc-atfs Requested by Host: p.adlooxtracking.com URL: https://p.adlooxtracking.com/gpt/a.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 31.231.107.34.bc.googleusercontent.com Software nginx / Resource Hash f98c8a13fedea54a3b52c3c2df8ec866349088f51e5584897057c93a15dea890 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-adloox-pubint-version 20221230021040 date Fri, 30 Dec 2022 07:36:16 GMT content-encoding gzip x-content-type-options nosniff x-real-ip 149.56.153.179 x-adloox-pubint-commit 80ca8d3 via 1.1 google x-adloox-pubint-commit-db b1136daf0-dirty server-timing conn;dur=0.006, ua;dur=0.033, segment_pipeline;dur=0.229, segment_ip;dur=0.004, segment_iab-valid;dur=0.010, segment_iab-spider;dur=1.660, segment_bs;dur=0.005, segment;dur=2.094 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 server nginx vary Accept-Encoding, origin, user-agent access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://wheregoes.com access-control-expose-headers x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version cache-control private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400 access-control-max-age 600 timing-allow-origin * access-control-allow-headers x-cloud-trace-context
GET H3	200	q Show response p.adlooxtracking.com/	25 B 74 B	70ms 48ms	XHR application/json	34.107.231.31 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://p.adlooxtracking.com/q?v=gpt-92559af&c=636&t=1520&p=328&pn=%2Ftrace%2F20226096030%2F Requested by Host: p.adlooxtracking.com URL: https://p.adlooxtracking.com/gpt/a.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 31.231.107.34.bc.googleusercontent.com Software nginx / Resource Hash 25fcb6bd30ea6eec16ab1ec6149c841aa6ff9d0c886e697f35e37cb8a415803c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-adloox-pubint-version 20221230021040 date Fri, 30 Dec 2022 07:36:16 GMT content-encoding gzip x-content-type-options nosniff x-real-ip 149.56.153.179 x-adloox-pubint-commit 80ca8d3 via 1.1 google x-adloox-pubint-commit-db b1136daf0-dirty server-timing conn;dur=0.005, ua;dur=0.032, segment_pipeline;dur=0.135, segment_ip;dur=0.004, segment_iab-valid;dur=0.010, segment_iab-spider;dur=1.531, segment_bs;dur=0.004, segment;dur=1.831 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 server nginx vary Accept-Encoding, origin, user-agent access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://wheregoes.com access-control-expose-headers x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version cache-control private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400 access-control-max-age 600 timing-allow-origin * access-control-allow-headers x-cloud-trace-context
GET H/1.1	200 OK	iu3 Show response s.amazon-adsystem.com/ Frame 82E6 Redirect Chain https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&dcc=t	336 B 1 KB	57ms 57ms	Document text/html	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&dcc=t Requested by Host: c.amazon-adsystem.com URL: https://c.amazon-adsystem.com/aax2/apstag.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash 5d3c1c68ad8d30a442dbdc3078aa124b01322617a85440f133801849fb9a061d Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://wheregoes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 336 Content-Type text/html;charset=ISO-8859-1 Date Fri, 30 Dec 2022 07:36:16 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid Q5FX7N1MXCF07PND2YQS Redirect headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 0 Date Fri, 30 Dec 2022 07:36:16 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Location https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&dcc=t Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" x-amz-rid GV9PCMXN3E53G2S56BDV
GET H3	200	q Show response p.adlooxtracking.com/	25 B 74 B	60ms 46ms	XHR application/json	34.107.231.31 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://p.adlooxtracking.com/q?v=gpt-92559af&c=636&t=1520&p=328&pn=%2Ftrace%2F20226096030%2F Requested by Host: p.adlooxtracking.com URL: https://p.adlooxtracking.com/gpt/a.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 31.231.107.34.bc.googleusercontent.com Software nginx / Resource Hash 25fcb6bd30ea6eec16ab1ec6149c841aa6ff9d0c886e697f35e37cb8a415803c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-adloox-pubint-version 20221230021040 date Fri, 30 Dec 2022 07:36:16 GMT content-encoding gzip x-content-type-options nosniff x-real-ip 149.56.153.179 x-adloox-pubint-commit 80ca8d3 via 1.1 google x-adloox-pubint-commit-db b1136daf0-dirty server-timing conn;dur=0.024, ua;dur=0.040, segment_pipeline;dur=0.315, segment_ip;dur=0.007, segment_iab-valid;dur=0.013, segment_iab-spider;dur=1.641, segment_bs;dur=0.005, segment;dur=2.279 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 server nginx vary Accept-Encoding, origin, user-agent access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://wheregoes.com access-control-expose-headers x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version cache-control private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400 access-control-max-age 600 timing-allow-origin * access-control-allow-headers x-cloud-trace-context
GET H3	200	q Show response p.adlooxtracking.com/	25 B 74 B	61ms 49ms	XHR application/json	34.107.231.31 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://p.adlooxtracking.com/q?v=gpt-92559af&c=636&t=1520&p=328&pn=%2Ftrace%2F20226096030%2F Requested by Host: p.adlooxtracking.com URL: https://p.adlooxtracking.com/gpt/a.js Protocol H3 Security QUIC, , AES_128_GCM Server 34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 31.231.107.34.bc.googleusercontent.com Software nginx / Resource Hash 25fcb6bd30ea6eec16ab1ec6149c841aa6ff9d0c886e697f35e37cb8a415803c Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers x-adloox-pubint-version 20221230021040 date Fri, 30 Dec 2022 07:36:16 GMT content-encoding gzip x-content-type-options nosniff x-real-ip 149.56.153.179 x-adloox-pubint-commit 80ca8d3 via 1.1 google x-adloox-pubint-commit-db b1136daf0-dirty server-timing conn;dur=0.004, ua;dur=0.031, segment_pipeline;dur=0.122, segment_ip;dur=0.004, segment_iab-valid;dur=0.022, segment_iab-spider;dur=1.414, segment_bs;dur=0.003, segment;dur=1.693 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 server nginx vary Accept-Encoding, origin, user-agent access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://wheregoes.com access-control-expose-headers x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version cache-control private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400 access-control-max-age 600 timing-allow-origin * access-control-allow-headers x-cloud-trace-context
GET H2	200	integrator.js Show response adservice.google.ca/adsid/	107 B 792 B	114ms 34ms	Script application/javascript	2607:f8b0:4006:81d::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.ca/adsid/integrator.js?domain=wheregoes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	91ms 34ms	Script application/javascript	2607:f8b0:4006:807::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=wheregoes.com Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:807::2002 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	1 KB 606 B	330ms 329ms	XHR text/plain	2607:f8b0:4006:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2760854197816138&correlator=2984536035061778&eid=31070872%2C31070232%2C44769661&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21751243814%3A22591626215%2CWM_PUB_wheregoes.com%2CWM_PUB_wheregoes.com_Leaderboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=1&adks=1565921281&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26adl_atf%3D90%2C80%2C70%2C60%2C50&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26adl_ip%3Dadloox-dc%26adl_ok%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1672385776468&lmt=1672385776&dlt=1672385775529&idt=585&adxs=315&adys=268&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20226096030%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=0&ohw=0&ga_vid=723406767.1672385776&ga_sid=1672385776&ga_hid=2021704743&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fcd4e5bbd7ef41ed1f4c3445114c6f7b2467ea77a8d5fe49dbb465dadc7eae2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 576 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://wheregoes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	tfav_adl_636.js Show response j.adlooxtracking.com/ads/js/	64 KB 23 KB	437ms 359ms	Script application/javascript	2606:4700:10::ac43:2415 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://j.adlooxtracking.com/ads/js/tfav_adl_636.js Requested by Host: p.adlooxtracking.com URL: https://p.adlooxtracking.com/gpt/a.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:2415 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 73d5f7acad648ea6f7c92f2f1a609f504fde54397a4779c9f35cd8df70176f92 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT content-encoding gzip cf-cache-status REVALIDATED last-modified Fri, 25 Feb 2022 17:38:07 GMT server cloudflare etag W/"621913ff-ffe6" vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=14400 cf-ray 78191a7f782a4bca-YUL
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	15 KB 12 KB	119ms 46ms	XHR application/json	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f1e4ef5de05db574feb8782a7ec50ce759c917e4ad35f667b8fccf0fa0cfee67 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11388 x-xss-protection 0
GET H2	200	container.html Show response 1163784b0c6ab0f64cf7e337614df2a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C3DB	6 KB 3 KB	118ms 33ms	Document text/html	2607:f8b0:4006:809::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://1163784b0c6ab0f64cf7e337614df2a5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:809::2001 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://wheregoes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Fri, 30 Dec 2022 07:36:16 GMT expires Sat, 30 Dec 2023 07:36:16 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	989 B 515 B	315ms 315ms	XHR text/plain	2607:f8b0:4006:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2760854197816138&correlator=291264920343583&eid=31070872%2C31070232%2C44769661&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21751243814%3A22591626215%2CWM_PUB_wheregoes.com%2CWM_PUB_wheregoes.com_Leaderboard&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=2&adks=2763143411&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26adl_atf%3D90%2C80%2C70%2C60%2C50%26adl_dis%3D-1&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26adl_ip%3Dadloox-dc%26adl_ok%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1672385776491&lmt=1672385776&dlt=1672385775529&idt=585&adxs=315&adys=838&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20226096030%2F&frm=20&vis=1&psz=970x-1&msz=970x-1&fws=0&ohw=0&ga_vid=723406767.1672385776&ga_sid=1672385776&ga_hid=2021704743&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 54de2648d6ebcca752dcb8aee2ff21a44ad613acdc73dcf8a8d82f8bd6edade5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 485 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://wheregoes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	997 B 533 B	313ms 313ms	XHR text/plain	2607:f8b0:4006:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2760854197816138&correlator=1544147207928511&eid=31070872%2C31070232%2C44769661&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21751243814%3A22591626215%2CWM_PUB_wheregoes.com%2CWM_PUB_wheregoes.com_StickyDockedSidebar&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C300x600&ifi=3&adks=3376308153&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26adl_dis%3D-1&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26adl_ip%3Dadloox-dc%26adl_ok%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1672385776500&lmt=1672385776&dlt=1672385775529&idt=585&adxs=1091&adys=1664&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20226096030%2F&frm=20&vis=1&psz=300x13&msz=300x0&fws=0&ohw=0&ga_vid=723406767.1672385776&ga_sid=1672385776&ga_hid=2021704743&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 845b1005fff180f1728b081140bc9d747aa5b769c94eaab281a1b77632674927 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 503 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://wheregoes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	988 B 521 B	289ms 289ms	XHR text/plain	2607:f8b0:4006:81e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2760854197816138&correlator=3000564010123868&eid=31070872%2C31070232%2C44769661&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=21751243814%3A22591626215%2CWM_PUB_wheregoes.com%2CWM_PUB_wheregoes.com_ATFSidebar&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600%7C160x600%7C300x250&ifi=4&adks=2702263037&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26adl_atf%3D60%2C50%26adl_dis%3D-1&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26adl_ip%3Dadloox-dc%26adl_ok%3D1&sc=1&cookie_enabled=1&abxe=1&dt=1672385776509&lmt=1672385776&dlt=1672385775529&idt=585&adxs=1091&adys=1029&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20226096030%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=0&ohw=0&ga_vid=723406767.1672385776&ga_sid=1672385776&ga_hid=2021704743&ga_fc=false Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81e::2002 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 24674322cfa8c646d42069a002245b64261d165958708d484a11cbf8ba65d789 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 491 x-xss-protection 0 google-lineitem-id -2 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id -2 content-type text/plain; charset=UTF-8 access-control-allow-origin https://wheregoes.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200	984.json Show response id5-sync.com/g/v2/	462 B 1 KB	315ms 96ms	XHR application/json	162.19.138.82 OVH
General Check archive.org Show headers Download Go to Full URL https://id5-sync.com/g/v2/984.json Requested by Host: cdn.id5-sync.com URL: https://cdn.id5-sync.com/api/1.0/id5-api.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 162.19.138.82 , France, ASN16276 (OVH, FR), Reverse DNS ns31532337.ip-162-19-138.eu Software / Resource Hash f53f7c4c1000f1ca895109bee7571d9d1f4f550eb9c3e438b70949ccd6806742 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers Referer https://wheregoes.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Content-Type text/plain Response headers date Fri, 30 Dec 2022 07:36:16 GMT strict-transport-security max-age=63072000; includeSubDomains; preload vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin transfer-encoding chunked content-type application/json;charset=UTF-8 access-control-allow-origin https://wheregoes.com p3p CP="CAO PSA OUR" access-control-allow-credentials true
GET H/1.1	200 OK	pr Show response s.amazon-adsystem.com/v3/ Frame 6C83	2 KB 2 KB	29ms 28ms	Document text/html	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&dcc=t Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash b7e373753be755392dbd40d2b0483d44f4733fa6c19491e599f4b5621f10790b Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&dcc=t Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 1948 Content-Type text/html;charset=ISO-8859-1 Date Fri, 30 Dec 2022 07:36:16 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent x-amz-rid HHVZNGSPS9HNVMPMXE8H
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 6C83 Redirect Chain https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=297c550a	43 B 479 B	31ms 31ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=297c550a Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Date Fri, 30 Dec 2022 07:36:16 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid VF1NWSRKKWZGXXZ5DRRS Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers date Fri, 30 Dec 2022 07:36:16 GMT via 1.1 11140291d542e546b40770525cf1e1b4.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop EWR53-P1 x-cache FunctionGeneratedResponse from cloudfront p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=297c550a cache-control no-cache, must-revalidate content-length 0 x-amz-cf-id hLUN2hUMpiomMW8iPb15X6AF5zz2cuybknGPvr_H4atJ3am1JrxYhg==
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 6C83 Redirect Chain https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=93385684-a043-428c-8312-c6729f9ed2b9	43 B 479 B	35ms 35ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=93385684-a043-428c-8312-c6729f9ed2b9 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Date Fri, 30 Dec 2022 07:36:16 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid EF4SX3N9CGNB6NBV0EEY Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers location https://s.amazon-adsystem.com/ecm3?ex=loopme.com&id=93385684-a043-428c-8312-c6729f9ed2b9 date Fri, 30 Dec 2022 07:36:16 GMT server _ content-length 0
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 6C83 Redirect Chain https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D https://s.amazon-adsystem.com/ecm3?id=B381A3715D4F4CD0B7FD691D989947B2&ex=simpli.fi&status=ok	43 B 479 B	30ms 30ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?id=B381A3715D4F4CD0B7FD691D989947B2&ex=simpli.fi&status=ok Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Date Fri, 30 Dec 2022 07:36:16 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid 5474FB7RMTXBGKAKRWPP Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers date Fri, 30 Dec 2022 07:36:16 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://s.amazon-adsystem.com/ecm3?id=B381A3715D4F4CD0B7FD691D989947B2&ex=simpli.fi&status=ok access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Thu, 29 Dec 2022 07:36:16 GMT
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 6C83 Redirect Chain https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3153873761454775000V10	43 B 479 B	41ms 34ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3153873761454775000V10 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Date Fri, 30 Dec 2022 07:36:16 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid WVMHH1M2DR0PXW5R8CC1 Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 30 Dec 2022 07:36:16 GMT Server Apache P3P CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA Location https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3153873761454775000V10 Content-Type text/html Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 154 X-MNET-HL2 E Expires Fri, 30 Dec 2022 07:36:16 GMT
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 6C83 Redirect Chain https://b1sync.zemanta.com/usersync/amazon_tam/?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Doutbrain.com%26id%3D__ZUID__ https://stags.bluekai.com/site/23178?id=4x3EUfLeyr94gXw65OQ2&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7... https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOMFWWC6TPNYWWCZDTPFZXIZLNFZRW63JPMVRW2MZ7MV4D233VORRHEYLJNYXGG33NEZSXQY3IMFXGOZJ5MFWWC6TPNZPXIYLNEZUWIPJUPAZUKVLGJRSXS4RZGRTVQ... https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=4x3EUfLeyr94gXw65OQ2	43 B 479 B	30ms 29ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=4x3EUfLeyr94gXw65OQ2 Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Date Fri, 30 Dec 2022 07:36:17 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid N2WZ0DNGV8WR35HV3VAX Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache Date Fri, 30 Dec 2022 07:36:17 GMT Content-Type text/html; charset=utf-8 Location https://s.amazon-adsystem.com/ecm3?ex=outbrain.com&id=4x3EUfLeyr94gXw65OQ2 P3p CP="We do not support P3P header." Cache-Control no-cache, no-store, must-revalidate Content-Length 101 Expires Thu, 01 Dec 1994 16:00:00 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	103ms 46ms	Script text/javascript	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 30 Dec 2022 07:36:16 GMT
GET H2	200	user_sync.html Show response ads.pubmatic.com/AdServer/js/ Frame 00D2	16 KB 6 KB	73ms 19ms	Document text/html	23.52.161.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-52-161-180.deploy.static.akamaitechnologies.com Software Apache / Resource Hash 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes cache-control max-age=155417 content-encoding gzip content-length 5554 content-type text/html date Fri, 30 Dec 2022 07:36:16 GMT expires Sun, 01 Jan 2023 02:46:33 GMT last-modified Fri, 16 Dec 2022 06:36:49 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server Apache vary Accept-Encoding
GET H/1.1	200 OK	usync.html Show response eus.rubiconproject.com/ Frame 8C1A	281 B 554 B	82ms 19ms	Document text/html	72.247.65.83 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-65-83.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / Resource Hash 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Accept-Ranges bytes Connection keep-alive Content-Encoding gzip Content-Length 233 Content-Type text/html; charset=UTF-8 Date Fri, 30 Dec 2022 07:36:16 GMT ETag "403b9-119-5ec73a0a33d00" Last-Modified Wed, 02 Nov 2022 02:30:44 GMT Server Apache/2.2.15 (CentOS) Vary Accept-Encoding
GET H/1.1	200 OK	ecm3 Show response s.amazon-adsystem.com/ Frame BDE4 Redirect Chain https://ssbsync-us.smartadserver.com/api/sync?callerId=2 https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1518522182241323064&gdpr=0&gdpr_consent=	43 B 479 B	33ms 32ms	Document image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1518522182241323064&gdpr=0&gdpr_consent= Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Content-Type image/gif Date Fri, 30 Dec 2022 07:36:16 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent x-amz-rid Q68NJP5WN4YXRXV3DVVV Redirect headers content-length 0 date Fri, 30 Dec 2022 07:36:15 GMT location https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=1518522182241323064&gdpr=0&gdpr_consent=
GET H/1.1	200 OK	ecm3 Show response s.amazon-adsystem.com/ Frame 9FEC Redirect Chain https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=170996ac622413e8&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHEny6oxkLagM4qAA_AAAAAAA&expiration=1672472176&is_secure=true	43 B 479 B	29ms 29ms	Document image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHEny6oxkLagM4qAA_AAAAAAA&expiration=1672472176&is_secure=true Requested by Host: s.amazon-adsystem.com URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-smaato_n-LoopMe_pm-db5_n-simpli.fi_rbd_n-MediaNet_smrt_cnv_n-Outbrain&fv=1.0&a=cm&cm3ppd=1&dmt=3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Content-Type image/gif Date Fri, 30 Dec 2022 07:36:16 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent x-amz-rid KRBQBSPE56K4NSN02QG1 Redirect headers cache-control no-cache, private, max-age=0, no-store content-length 0 date Fri, 30 Dec 2022 07:36:16 GMT expires 0 location https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAHEny6oxkLagM4qAA_AAAAAAA&expiration=1672472176&is_secure=true p3p policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP" pragma no-cache server nginx
GET H2	200	PugMaster Show response image6.pubmatic.com/AdServer/ Frame 00D2	2 KB 2 KB	97ms 23ms	Script text/html	8.28.7.81 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=68977182&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash c7f60c8829288c918a84a6056dfbdb877c7ef9bb762f738e3fceb6f4a875914e Request headers accept-language en-CA,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" date Fri, 30 Dec 2022 07:36:16 GMT content-length 1577 content-type text/html; charset=UTF-8
GET H/1.1	200 OK	usync.js Show response eus.rubiconproject.com/ Frame 8C1A	34 KB 10 KB	19ms 19ms	Script text/html	72.247.65.83 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://eus.rubiconproject.com/usync.js Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a72-247-65-83.deploy.static.akamaitechnologies.com Software Apache/2.2.15 (CentOS) / PHP/5.3.3 Resource Hash 8fea931ecaa2f8b561e4190eab756fe37dffb5e21a0758eb4dfaee2d242eaa6e Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 30 Dec 2022 07:36:16 GMT Content-Encoding gzip Last-Modified Thu, 29 Dec 2022 14:07:20 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 Vary Accept-Encoding Content-Type text/html; charset=UTF-8 p3p CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT" Cache-Control max-age=23377 Connection keep-alive Content-Length 10067 Expires Fri, 30 Dec 2022 14:05:53 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame CDC7	13 KB 5 KB	70ms 22ms	Document text/html	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://wheregoes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 220593 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 27 Dec 2022 18:19:43 GMT expires Wed, 27 Dec 2023 18:19:43 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame FC34	783 B 1 KB	87ms 38ms	Document text/html	2607:f8b0:4006:81c::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81c::2004 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 9c2cada8596c749d597a108fa535430df7916fdc57140de23a6b0dd27f5d571c Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-HTgmmUnTEA0ibIjE2EoXKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://wheregoes.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 512 content-security-policy script-src 'report-sample' 'nonce-HTgmmUnTEA0ibIjE2EoXKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 30 Dec 2022 07:36:16 GMT expires Fri, 30 Dec 2022 07:36:16 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H/1.1	200 OK	khaos.jpg token.rubiconproject.com/ Frame 8C1A	284 B 921 B	138ms 51ms	Image image/jpg	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/khaos.jpg? Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/jpg Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 284 X-RPHost 0190a17a18f2299b1b85aeb1793e601c P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	feedback Show response api-v1.wordmonetize.com/v1/api/	21 B 124 B	102ms 101ms	XHR application/json	54.177.99.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v1.wordmonetize.com/v1/api/feedback?data=eyJwYWNrZXRJZCI6ImNsY2E3Yjc5djAwMDAzYzZjNGtmOGZyZDEiLCJzaXRlSWQiOjQ4LCJicm93c2VyIjoiQ2hyb21lIiwib3MiOiJXaW5kb3dzIiwiZ3B0SWQiOiJhbGMtYXRmcyIsImdwdEFkUGF0aCI6Ii8yMTc1MTI0MzgxNCwyMjU5MTYyNjIxNS9XTV9QVUJfd2hlcmVnb2VzLmNvbS9XTV9QVUJfd2hlcmVnb2VzLmNvbV9BVEZTaWRlYmFyIiwiaXNGaWxsZWQiOmZhbHNlLCJldmVudFR5cGUiOiJhZGVtcHR5In0= Requested by Host: cdn-monetize.whatstheword.co URL: https://cdn-monetize.whatstheword.co/48/wordmonetize.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.177.99.232 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-177-99-232.us-west-1.compute.amazonaws.com Software / Resource Hash 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-origin * date Fri, 30 Dec 2022 07:36:16 GMT content-length 21 content-type application/json; charset=utf-8
GET H2	200	feedback Show response api-v1.wordmonetize.com/v1/api/	21 B 124 B	99ms 99ms	XHR application/json	54.177.99.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v1.wordmonetize.com/v1/api/feedback?data=eyJwYWNrZXRJZCI6ImNsY2E3Yjc5djAwMDAzYzZjNGtmOGZyZDEiLCJzaXRlSWQiOjQ4LCJicm93c2VyIjoiQ2hyb21lIiwib3MiOiJXaW5kb3dzIiwiZ3B0SWQiOiJsZWFkZXJib2FyZC03MTkwMDI1MyIsImdwdEFkUGF0aCI6Ii8yMTc1MTI0MzgxNCwyMjU5MTYyNjIxNS9XTV9QVUJfd2hlcmVnb2VzLmNvbS9XTV9QVUJfd2hlcmVnb2VzLmNvbV9MZWFkZXJib2FyZCIsImlzRmlsbGVkIjpmYWxzZSwiZXZlbnRUeXBlIjoiYWRlbXB0eSJ9 Requested by Host: cdn-monetize.whatstheword.co URL: https://cdn-monetize.whatstheword.co/48/wordmonetize.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.177.99.232 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-177-99-232.us-west-1.compute.amazonaws.com Software / Resource Hash 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-origin * date Fri, 30 Dec 2022 07:36:16 GMT content-length 21 content-type application/json; charset=utf-8
GET H2	200	feedback Show response api-v1.wordmonetize.com/v1/api/	21 B 124 B	97ms 88ms	XHR application/json	54.177.99.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v1.wordmonetize.com/v1/api/feedback?data=eyJwYWNrZXRJZCI6ImNsY2E3Yjc5djAwMDAzYzZjNGtmOGZyZDEiLCJzaXRlSWQiOjQ4LCJicm93c2VyIjoiQ2hyb21lIiwib3MiOiJXaW5kb3dzIiwiZ3B0SWQiOiJsZWFkZXJib2FyZC02NzU2MDkyNyIsImdwdEFkUGF0aCI6Ii8yMTc1MTI0MzgxNCwyMjU5MTYyNjIxNS9XTV9QVUJfd2hlcmVnb2VzLmNvbS9XTV9QVUJfd2hlcmVnb2VzLmNvbV9MZWFkZXJib2FyZCIsImlzRmlsbGVkIjpmYWxzZSwiZXZlbnRUeXBlIjoiYWRlbXB0eSJ9 Requested by Host: cdn-monetize.whatstheword.co URL: https://cdn-monetize.whatstheword.co/48/wordmonetize.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.177.99.232 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-177-99-232.us-west-1.compute.amazonaws.com Software / Resource Hash 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-origin * date Fri, 30 Dec 2022 07:36:16 GMT content-length 21 content-type application/json; charset=utf-8
GET H2	200	feedback Show response api-v1.wordmonetize.com/v1/api/	21 B 124 B	79ms 79ms	XHR application/json	54.177.99.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api-v1.wordmonetize.com/v1/api/feedback?data=eyJwYWNrZXRJZCI6ImNsY2E3Yjc5djAwMDAzYzZjNGtmOGZyZDEiLCJzaXRlSWQiOjQ4LCJicm93c2VyIjoiQ2hyb21lIiwib3MiOiJXaW5kb3dzIiwiZ3B0SWQiOiJhbGMtc2RzIiwiZ3B0QWRQYXRoIjoiLzIxNzUxMjQzODE0LDIyNTkxNjI2MjE1L1dNX1BVQl93aGVyZWdvZXMuY29tL1dNX1BVQl93aGVyZWdvZXMuY29tX1N0aWNreURvY2tlZFNpZGViYXIiLCJpc0ZpbGxlZCI6ZmFsc2UsImV2ZW50VHlwZSI6ImFkZW1wdHkifQ== Requested by Host: cdn-monetize.whatstheword.co URL: https://cdn-monetize.whatstheword.co/48/wordmonetize.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.177.99.232 San Jose, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-177-99-232.us-west-1.compute.amazonaws.com Software / Resource Hash 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers access-control-allow-origin * date Fri, 30 Dec 2022 07:36:16 GMT content-length 21 content-type application/json; charset=utf-8
GET H2	200	Pug Show response simage2.pubmatic.com/AdServer/ Frame C891 Redirect Chain https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%... https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%... https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y66U8AAH08VWUgAo&gdpr=0&gdpr_consent=&_test=Y66U8AAH08VWUgAo	1 B 319 B	61ms 59ms	Document text/html	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y66U8AAH08VWUgAo&gdpr=0&gdpr_consent=&_test=Y66U8AAH08VWUgAo Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068 Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers cache-control no-store, no-cache, private content-length 1 content-type text/html; charset=utf-8 date Fri, 30 Dec 2022 07:36:15 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" server nginx Redirect headers accept-ranges bytes cache-control no-cache content-length 0 date Fri, 30 Dec 2022 07:36:17 GMT location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y66U8AAH08VWUgAo&gdpr=0&gdpr_consent=&_test=Y66U8AAH08VWUgAo pragma no-cache retry-after 0 server Varnish via 1.1 varnish x-cache HIT x-cache-hits 0 x-served-by cache-yyz4535-YYZ x-timer S1672385777.031615,VS0,VE0
GET H/1.1	200 OK	ecm3 Show response s.amazon-adsystem.com/ Frame 7135	43 B 479 B	51ms 48ms	Document image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UID4E839456-9EA9-4983-B930-132E3B97C98B Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers Referer https://ads.pubmatic.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Content-Type image/gif Date Fri, 30 Dec 2022 07:36:16 GMT Expires Thu, 01 Jan 1970 00:00:00 GMT Pragma no-cache Server Server Strict-Transport-Security max-age=47474747; includeSubDomains; preload Vary Content-Type,Accept-Encoding,User-Agent x-amz-rid HAFNRRPRNDK5D21EG954
GET H2	200	user_sync.html ads.pubmatic.com/AdServer/js/ Frame 00D2 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ToOUVp6pSYO5MBMuO5fJiw%3D%3D&gdpr=0&gdpr_consent= https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=	16 KB 16 KB	20ms 20ms	Image text/html	23.52.161.180 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Protocol H2 Server 23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-52-161-180.deploy.static.akamaitechnologies.com Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:17 GMT content-encoding gzip last-modified Fri, 16 Dec 2022 06:36:49 GMT server Apache vary Accept-Encoding content-type text/html p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" cache-control max-age=155416 accept-ranges bytes content-length 5554 expires Sun, 01 Jan 2023 02:46:33 GMT Redirect headers pragma no-cache date Fri, 30 Dec 2022 07:36:16 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 301 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ bpi.rtactivate.com/tag/ Frame 00D2	43 B 109 B	151ms 68ms	Image image/gif	3.210.134.189 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://bpi.rtactivate.com/tag/?id=20909&user_id=4E839456-9EA9-4983-B930-132E3B97C98B&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.210.134.189 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-210-134-189.compute-1.amazonaws.com Software awselb/2.0 / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:17 GMT server awselb/2.0 content-length 43 content-type image/gif
GET H/1.1	200 OK	b23f09698aa242b6a039e682c190ba8c i.liadm.com/s/e/75145/0/ Frame 00D2 Redirect Chain https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=4E839456-9EA9-4983-B930-132E3B97C98B https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=4E839456-9EA9-4983-B930-132E3B97C98B&_li_chk=true&previous_uuid=ba5941bf013d48ac9358a47d7b60e58a https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F75145%2F0%2Fb23f09698aa242b6a039e682c190ba8c%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&ba5941bf-013d-48ac-9358-a47d... https://i.liadm.com/s/e/75145/0/b23f09698aa242b6a039e682c190ba8c?mpid=7156&muid=5f5863ae-94f1-4500-8708-c16bb9998cca	43 B 274 B	31ms 27ms	Image image/gif	3.222.76.44 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://i.liadm.com/s/e/75145/0/b23f09698aa242b6a039e682c190ba8c?mpid=7156&muid=5f5863ae-94f1-4500-8708-c16bb9998cca Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Protocol HTTP/1.1 Server 3.222.76.44 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-222-76-44.compute-1.amazonaws.com Software / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-CA,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Date Fri, 30 Dec 2022 07:36:17 GMT Cache-Control no-store Strict-Transport-Security max-age=31536000; includeSubDomains Connection keep-alive Content-Length 43 Request-Time 0 Content-Type image/gif Redirect headers Date Fri, 30 Dec 2022 07:36:17 GMT Server MT3 277 3f0ad7a master ord-pixel-x55 config:1.0.0 Content-Type image/gif Access-Control-Allow-Origin * location https://i.liadm.com/s/e/75145/0/b23f09698aa242b6a039e682c190ba8c?mpid=7156&muid=5f5863ae-94f1-4500-8708-c16bb9998cca P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Fri, 30 Dec 2022 07:36:16 GMT
GET H3	200	receive pixel.tapad.com/idsync/ex/ Frame 00D2 Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=4E839456-9EA9-4983-B930-132E3B97C98B https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=4E839456-9EA9-4983-B930-132E3B97C98B https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f2505386-10d4-4775-8427-7bd10f7331c4%252C&gdpr=0&gdpr_consent= https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=fbf4e65c-93c4-4e8c-92f1-0aac950813d3&ttd_puid=f2505386-10d4-4775-8427-7bd10f7331c4%2C	95 B 122 B	43ms 39ms	Image image/png	107.178.246.49 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=fbf4e65c-93c4-4e8c-92f1-0aac950813d3&ttd_puid=f2505386-10d4-4775-8427-7bd10f7331c4%2C Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Protocol H3 Server 107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 49.246.178.107.bc.googleusercontent.com Software / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-CA,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:17 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 content-type image/png p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers pragma no-cache date Fri, 30 Dec 2022 07:36:17 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=fbf4e65c-93c4-4e8c-92f1-0aac950813d3&ttd_puid=f2505386-10d4-4775-8427-7bd10f7331c4%2C content-type text/html cache-control private,no-cache, must-revalidate content-length 353
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 00D2 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NEU4Mzk0NTYtOUVBOS00OTgzLUI5MzAtMTMyRTNCOTdDOThC&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=	42 B 95 B	24ms 23ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Fri, 30 Dec 2022 07:36:16 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 30 Dec 2022 07:36:16 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 00D2 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO0YThHsUNyq7-wJJqykM1I&google_cver=1	42 B 301 B	25ms 24ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO0YThHsUNyq7-wJJqykM1I&google_cver=1 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Fri, 30 Dec 2022 07:36:16 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 30 Dec 2022 07:36:16 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEO0YThHsUNyq7-wJJqykM1I&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 379 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	Pug image2.pubmatic.com/AdServer/ Frame 00D2 Redirect Chain https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B381A3715D4F4CD0B7FD691D989947B2	42 B 440 B	99ms 31ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B381A3715D4F4CD0B7FD691D989947B2 Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Fri, 30 Dec 2022 07:36:16 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers date Fri, 30 Dec 2022 07:36:16 GMT strict-transport-security max-age=63072000; includeSubdomains; preload x-content-type-options nosniff server openresty access-control-allow-methods GET, POST, OPTIONS content-type text/html location https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:B381A3715D4F4CD0B7FD691D989947B2 access-control-allow-origin * cache-control no-cache access-control-allow-headers DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type content-length 142 expires Thu, 29 Dec 2022 07:36:16 GMT
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 00D2 Redirect Chain https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7462143544599103430&gdpr=0&gdpr_consent=&us_privacy=	1 B 176 B	26ms 24ms	Image text/html	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7462143544599103430&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-type text/html; charset=utf-8 date Fri, 30 Dec 2022 07:36:17 GMT cache-control no-store, no-cache, private server nginx content-length 1 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7462143544599103430&gdpr=0&gdpr_consent=&us_privacy= pragma no-cache date Fri, 30 Dec 2022 07:36:16 GMT cache-control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 content-length 0 p3p policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
GET H2	200	Pug simage2.pubmatic.com/AdServer/ Frame 00D2 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fbf4e65c-93c4-4e8c-92f1-0aac950813d3&gdpr=0&gdpr_consent=	42 B 358 B	41ms 26ms	Image image/gif	8.28.7.83 AS-PUBMATIC
General Check archive.org Show headers Download Go to Show image Full URL https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fbf4e65c-93c4-4e8c-92f1-0aac950813d3&gdpr=0&gdpr_consent= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Protocol H2 Server 8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers content-type image/gif; charset=utf-8 date Fri, 30 Dec 2022 07:36:17 GMT cache-control no-store, no-cache, private server nginx content-length 42 p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" Redirect headers pragma no-cache date Fri, 30 Dec 2022 07:36:16 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=fbf4e65c-93c4-4e8c-92f1-0aac950813d3&gdpr=0&gdpr_consent= content-type text/html cache-control private,no-cache, must-revalidate content-length 355
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame FC34	0 0	85ms 41ms	Image text/html	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=2760854197816138&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H3	200	Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response pagead2.googlesyndication.com/bg/ Frame CDC7	36 KB 16 KB	62ms 19ms	Script text/javascript	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Mon, 26 Dec 2022 21:11:01 GMT content-encoding gzip x-content-type-options nosniff age 296715 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15923 x-xss-protection 0 last-modified Mon, 05 Dec 2022 17:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 26 Dec 2023 21:11:01 GMT
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 8C1A Redirect Chain https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LCA7B84O-8-6Q82 https://s.amazon-adsystem.com/ecm3?id=LCA7B84O-8-6Q82&ex=d-rubiconproject.com&status=ok	43 B 479 B	31ms 30ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?id=LCA7B84O-8-6Q82&ex=d-rubiconproject.com&status=ok Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Date Fri, 30 Dec 2022 07:36:17 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid SD1YZ7CWAMJP3WTTAW9H Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Content-Type text/html Location https://s.amazon-adsystem.com/ecm3?id=LCA7B84O-8-6Q82&ex=d-rubiconproject.com&status=ok Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 7d24643e640b7b50906469aa87bfb2ce Expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8C1A Redirect Chain https://token.rubiconproject.com/token?pid=25470 https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENBN0I4NE8tOC02UTgy	170 B 188 B	42ms 38ms	Image image/png	142.250.80.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENBN0I4NE8tOC02UTgy Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east Protocol H3 Server 142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 30 Dec 2022 07:36:17 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TENBN0I4NE8tOC02UTgy Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 4f2e9ddc15e6cc2c3861f8e2683d2514 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 8C1A Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGqpdrx9-axB_WnwpcuFMGU&google_cver=1	42 B 678 B	98ms 24ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGqpdrx9-axB_WnwpcuFMGU&google_cver=1 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 0190a17a18f2299b1b85aeb1793e601c P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Fri, 30 Dec 2022 07:36:17 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGqpdrx9-axB_WnwpcuFMGU&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 326 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 8C1A Redirect Chain https://match.adsrvr.org/track/cmf/rubicon https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fbf4e65c-93c4-4e8c-92f1-0aac950813d3&gdpr=0&gdpr_consent=&expires=30	42 B 678 B	112ms 24ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fbf4e65c-93c4-4e8c-92f1-0aac950813d3&gdpr=0&gdpr_consent=&expires=30 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 8eb2d9eeed9b9c468975d0ba24565e5b P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Fri, 30 Dec 2022 07:36:17 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=fbf4e65c-93c4-4e8c-92f1-0aac950813d3&gdpr=0&gdpr_consent=&expires=30 content-type text/html cache-control private,no-cache, must-revalidate content-length 289
GET H/1.1	200 OK	dcm aax-eu.amazon-adsystem.com/s/ Frame 8C1A	43 B 855 B	480ms 173ms	Image image/gif	52.95.126.138 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.126.138 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Date Fri, 30 Dec 2022 07:36:17 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid NSYG4C6ZCZBZF35Z8NFN Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif p3p policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR" Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT
GET H2	200	setuid px.ads.linkedin.com/ Frame 8C1A Redirect Chain https://token.rubiconproject.com/token?pid=36584 https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCA7B84O-8-6Q82	0 573 B	95ms 50ms	Image text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCA7B84O-8-6Q82 Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east Protocol H2 Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:16 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 00BA288F24214827B551AB8EFA78F56C Ref B: YTO01EDGE0520 Ref C: 2022-12-30T07:36:17Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAXxBqgtopN3ohrONwjmQw== Redirect headers Location https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LCA7B84O-8-6Q82 Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 20e8391fc78a9019eb67dba4b22f0ac2 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	tap.php pixel.rubiconproject.com/ Frame 8C1A Redirect Chain https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 https://pr-bh.ybp.yahoo.com/sync/rubicon/VPEH7xtL3xqa7m4r8vbS4Q?csrc= https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lGIh9O1E2oLjtOeWXS7eXNyV4Or3D9gG1Wz5AA--~A	42 B 678 B	25ms 24ms	Image image/gif	69.173.151.100 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lGIh9O1E2oLjtOeWXS7eXNyV4Or3D9gG1Wz5AA--~A Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east Protocol HTTP/1.1 Server 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Content-Type image/gif Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 42 X-RPHost 20e8391fc78a9019eb67dba4b22f0ac2 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers date Fri, 30 Dec 2022 07:36:17 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin server ATS content-security-policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic age 0 expect-ct max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only" x-frame-options DENY location https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-lGIh9O1E2oLjtOeWXS7eXNyV4Or3D9gG1Wz5AA--~A content-length 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8C1A Redirect Chain https://token.rubiconproject.com/token?pid=2249&pt=n https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTMyNzJiODI2MjRkMGI0ZDMyNDFiNWU5MWEwYTEwNzM4MDgwNTk3OQ	170 B 188 B	41ms 39ms	Image image/png	142.250.80.34 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTMyNzJiODI2MjRkMGI0ZDMyNDFiNWU5MWEwYTEwNzM4MDgwNTk3OQ Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east Protocol H3 Server 142.250.80.34 Glen Cove, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s34-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers pragma no-cache date Fri, 30 Dec 2022 07:36:17 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTMyNzJiODI2MjRkMGI0ZDMyNDFiNWU5MWEwYTEwNzM4MDgwNTk3OQ Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 9e7742894a018a40b59a2ed2117c85b5 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H/1.1	200 OK	ecm3 s.amazon-adsystem.com/ Frame 8C1A Redirect Chain https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=6kE9e-XGQ0Wf9GVGxukg9Q&rk=usync-na https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=6kE9e-XGQ0Wf9GVGxukg9Q	43 B 479 B	29ms 29ms	Image image/gif	52.46.130.91 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=6kE9e-XGQ0Wf9GVGxukg9Q Requested by Host: eus.rubiconproject.com URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east Protocol HTTP/1.1 Server 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Server / Resource Hash c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e Security Headers Name Value Strict-Transport-Security max-age=47474747; includeSubDomains; preload Request headers accept-language en-CA,en;q=0.9 Referer https://eus.rubiconproject.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers Pragma no-cache Date Fri, 30 Dec 2022 07:36:17 GMT Strict-Transport-Security max-age=47474747; includeSubDomains; preload Server Server x-amz-rid 8ZCVDTHG5YM7J8YM36N1 Vary Content-Type,Accept-Encoding,User-Agent Content-Type image/gif Cache-Control max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0 Connection keep-alive Content-Length 43 Expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=6kE9e-XGQ0Wf9GVGxukg9Q Pragma no-cache Expires 0 Cache-Control no-cache,no-store,must-revalidate content-length 0 X-RPHost 78008fe701b681dce86a72fc23cacc40 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame CDC7	0 10 B	34ms 19ms	Image text/plain	2607:f8b0:4006:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?CYpxww Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:81c::2001 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:17 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	37ms 37ms	Image text/html	2607:f8b0:4006:824::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=2760854197816138&bg=!enmleT3NAAYgquz3AKo7ACkAdvg8WgoxzO93IxaHoEBLZIV0NtzRPIqY_olys2Lk5roQGfJ6Z4kyDAIAAACPUgAAAARoAQeZAswu2QLhVZPykjLM8ThB_roNzaMms-CJjUsyOiNWKJ6R5tB4T8AlY0UyxrTbFpp95BD8Rk1Oymo1ye7aYs7R0QAXU7dm2b3ruwX9UNYYAkng2ldr1PL1GsTGoE6wNaLph8VA5reoCgDzqUwxpnVPZcWOY6TNNEDo_NyKs-i6OMUKjCpEm3ml4ZnaL3pYtgwpNB9WbxKP7dBf01EPVnnPcaQfvdJTYGaxkjXyf4uswDSOB6kOkFvHmLkecP9Oz9j8wW-Nij-rQf-cEGYDrwnsQsKpE1oNCCKbYE6cxYrmeIG9_Z7rxrLRdxd4Kl5yfazrpuG5X_s7JNvxOPrHedmc8rAahSNZNnBGcfj8eXAXn95RnpXQg7H2zJPYXCC7BEoG5TtcvZKQXjZwSwFndXdnWkDqb8FfaZroG5WeNLT45rOBGdlSbJNquFhwVQyjkg8sNfsSHR3ESoi3CU8665JMIQRazZIwjQ88Fgr3hODJeQSlnhZAth8OU2ABGslx2XBgwLEh_d9TUOutk3WfYE43TquYtA0hbJnocqE0GlCSFOB6QUE0pSSrkd_rTimOYYY_53LeeUDjPEDrRfINRRfaKYMP0oSgeRnEY3wVCRRyIGrFMZDoJgtRHxSDcl13mvWS15z2cECi2uqLMU9UydeUz9TJP4VY_f0HgRc_80WQp6iZfdCYchAoE2ShW8d-oPA5BN8V0bSgkUdfOI-VX53ky0LONjmpE-2ZxFhZU5CO6Wk_Dnm-ZPVi8WRoslaG1_Jx1haG2EMVvuduPR35-F0qtWzKZ7zV3aOysR9ENeypd5pZIi5QMkspSbondI7LFLN8e-AgDdu573tQnbZ7C0hJGDOCMExUGMBXFUsrRgOaEhZiB8ngVJoyfSIPz28dnCiiNOiySi1L7Ci3BPROVdrPXILBA-v6Oj-94yf4RCswILO8Xv6BInq5HmkSA0cI5Q Protocol H3 Security QUIC, , AES_128_GCM Server 2607:f8b0:4006:824::2002 Nutley, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://wheregoes.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers
GET H2	200	SPug Show response simage4.pubmatic.com/AdServer/ Frame 00D2	0 261 B	97ms 25ms	Script text/plain	8.28.7.84 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy= Requested by Host: ads.pubmatic.com URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://ads.pubmatic.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36 Response headers date Fri, 30 Dec 2022 07:36:17 GMT cache-control no-store, no-cache, private server nginx p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"