wheregoes.com Open in urlscan Pro
2606:4700:3035::ac43:b70e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wheregoes.com/trace/20241611753/
Submission: On March 25 via manual (March 25th 2024, 9:02:36 am UTC) from GB — Scanned from GB

Summary HTTP 73 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 17 domains to perform 73 HTTP transactions. The main IP is 2606:4700:3035::ac43:b70e, located in United States and belongs to CLOUDFLARENET, US. The main domain is wheregoes.com.
TLS certificate: Issued by GTS CA 1P5 on February 14th 2024. Valid for: 3 months.

This is the only time wheregoes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3035::ac43:b70e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3037::6815:5f57	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	161.35.94.134 161.35.94.134	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	161.35.94.167 161.35.94.167	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1	178.250.1.8 178.250.1.8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	51.38.120.206 51.38.120.206	16276 (OVH) (OVH)
1	54.194.237.178 54.194.237.178	16509 (AMAZON-02) (AMAZON-02)
6	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	54.73.171.109 54.73.171.109	16509 (AMAZON-02) (AMAZON-02)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
19	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1 4	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2620:1ec:46::43 2620:1ec:46::43	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
1 3	2a02:26f0:f50... 2a02:26f0:f500:6::216:5bd6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.193.108 151.101.193.108	54113 (FASTLY) (FASTLY)
2	2a02:2638:3::3 2a02:2638:3::3	() ()
73	23

13 2606:4700:3035::ac43:b70e (United States)

ASN13335 (CLOUDFLARENET, US)

wheregoes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3037::6815:5f57 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 161.35.94.134 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-17.buysellads.com

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 161.35.94.167 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-18.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.237.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-237-178.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.171.21 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.171.109 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-171-109.eu-west-1.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::43 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adsdk.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:f500:6::216:5bd6 (Munich, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::3 (None, )

ASN- ()

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 204	481 KB
13	wheregoes.com wheregoes.com	168 KB
8	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 371 secure.adnxs.com — Cisco Umbrella Rank: 813 fra1-ib.adnxs.com — Cisco Umbrella Rank: 7278 cdn.adnxs.com — Cisco Umbrella Rank: 2556 acdn.adnxs.com — Cisco Umbrella Rank: 946	64 KB
5	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 891 gum.criteo.com — Cisco Umbrella Rank: 622 mug.criteo.com	8 KB
3	bing.com 1 redirects www.bing.com — Cisco Umbrella Rank: 74	19 KB
3	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 745	2 KB
3	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 9171	7 KB
2	criteo.net static.criteo.net	62 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 275	167 KB
1	microsoft.com adsdk.microsoft.com — Cisco Umbrella Rank: 7641	39 KB
1	media.net prebid.media.net — Cisco Umbrella Rank: 1716	1 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 1057	275 B
1	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 3937	666 B
1	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 1055	643 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4050	2 KB
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 29065	657 B
1	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 30386	148 KB
73	17

	Domain	Requested by
19	pagead2.googlesyndication.com	securepubads.g.doubleclick.net wheregoes.com 3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com
13	wheregoes.com	wheregoes.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net 3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com tpc.googlesyndication.com
3	www.bing.com	1 redirects 3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com
3	gum.criteo.com	1 redirects secure.adnxs.com static.criteo.net
3	fastlane.rubiconproject.com	cdn4.buysellads.net
3	api.fouanalytics.com	wheregoes.com api.fouanalytics.com
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	fra1-ib.adnxs.com	secure.adnxs.com cdn.adnxs.com
2	secure.adnxs.com	3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com secure.adnxs.com
2	3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	ib.adnxs.com	cdn4.buysellads.net acdn.adnxs.com
2	securepubads.g.doubleclick.net	cdn4.buysellads.net securepubads.g.doubleclick.net
1	mug.criteo.com
1	acdn.adnxs.com	3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com
1	cdn.adnxs.com	secure.adnxs.com
1	adsdk.microsoft.com	secure.adnxs.com
1	prebid.media.net	cdn4.buysellads.net
1	ap.lijit.com	cdn4.buysellads.net
1	ads.servenobid.com	cdn4.buysellads.net
1	onetag-sys.com	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	cdn4.buysellads.net	wheregoes.com
73	25

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
wheregoes.com GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh
fouanalytics.com E1	`2024-03-04` - `2024-06-02`	3 months	crt.sh
cdn4.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2023-11-14` - `2024-11-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-25` - `2024-06-24`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
ads.servenobid.com Amazon RSA 2048 M01	`2023-04-29` - `2024-05-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2024-02-19` - `2024-05-19`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-04` - `2025-04-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
adsdk.microsoft.com Microsoft Azure RSA TLS Issuing CA 03	`2024-01-08` - `2024-07-06`	6 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://wheregoes.com/trace/20241611753/
Frame ID: B2559CF5C79CAA6952E12F995D1BF06F
Requests: 38 HTTP requests in this frame

Frame: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8EE40657D8D4A8432CC970BA86C1ADF8
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst_atW7m785MB-9N1Zdh7gEqKa1xfiGP7VGTgRMAe3GEoH5Y_3qasA1ctmiUIH-DQItGcGsjuj5OubBY_jc6ZlLvQvdUaoU7rLxoG8MgbZv910xCNOh06CCLjqZJ2eix43_046GrBE4K9dfzQXC0Dfd1LVK103sDo1jyF30V0bN3X_uQ9-ohFE11SE-qrKmwc1YujF0CKgedmjjtLXWnzQSOvkJ198fxvVsCUUFdJ2SsuX6Oylis4r8rp4z5SjoRY5qZUo135y6Hk9n2jEfT1MvqJBWUxeU9cZAls0SLPjEQLgXVs-lpbOcA15h8bVSD_fVnvQjEAM2O9AsTVGBW0NS7Ui5m1O5oIyHHrQScfSEcDUQn-uX2A&sig=Cg0ArKJSzPn0R0rlv7CjEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: DCD7EF3378B2C0D280C7E5FF6F3D20F7
Requests: 8 HTTP requests in this frame

Frame: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F49E6AC965E77A604C575B6BC7D9E8EF
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssyhRW0tKaa5lLLZL_iAXOCd61nAspAMjTiGQ636OUkX6H_s9AlrDUBAJeRErgfByeyqwuczmzSBd-sQPJnymdEMAjPCd02Djy2_2eK6V2BTaUjVhUknfn5UclhtoGvfL5NizvOfuL6DZ9ZT9i8C5T6GlmzXM56PQZvrmxtUngQgEwDZjMjAwxOcH--HM66LPPwBdqXDJMDhcTCWrFtSBY3rFhm1Eic2KXxKiNpLnDQsJtq89rwh2kVxUAv8msfao0WPt58YjHYVBoyu1BtLTXNWm1c-vt44V9RA82DdlK4AmTFo4cAQODIzAjeHAUEDjleYv7N95lRNotrEaPOJghflWdBKjZa961pr3R3Q0M4UbXlDr80A7JTR-8&sig=Cg0ArKJSzGQhdd913aWsEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 467D6B308E993461475D355AD9689DA2
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63D9479F503D84B8B911A65AE2ED94AF
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Frame ID: E99300A8B9CDB630324465FA1CBB72DF
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wheregoes.com
Frame ID: 6C6CD0887313F08867DAEE6581146917
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trace Results | WhereGoes

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

73
Requests

96 %
HTTPS

50 %
IPv6

17
Domains

25
Subdomains

23
IPs

5
Countries

1183 kB
Transfer

3202 kB
Size

10
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/WhereGoes_com
Title: Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=7598e0e3-e892-4202-8c3b-57923fe2e33a&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=5fe5d6c5-9d64-46c2-9e2c-ab83204192fb&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3Da44b982c39e34a468377044154030fcb%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=18678115&trafficGroup=knaqe_3c&trafficSubGroup=zzf%3Aknaqe_3c_vcqrivpr&aid=5417002686104710082 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a44b982c39e34a468377044154030fcb&SNR=1&GV=2&med=10

Request Chain 75

https://gum.criteo.com/sid/json?origin=publishertag&domain=wheregoes.com&sn=ChromeSyncframe&so=0&topUrl=wheregoes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=tMYaSHxoaVpYR21ISlZsK01PQ1dlWXZRRjdMS2tLYy9UQ2kxS2FVcFVqN3pIbnVxU1d1RWNvc3pXU09rMWJia3ZxZktYaExDamF2RnA4UTh5TUNjd05peTlGQUo5YVNMUHgvZkt3RkdMSE9kdXdjc0h6Y1pOOHdkT1c4K2w4cG1jRER5VmpmVERyMlZvazg3d2hSVzZRZkdTNVZJb2sxY216YjhsckJyc2dHWmIyWEU5VENnNFFTN3lySmRvV3hYS1JpN2RBK1BzZkJNMHVERndDZ3FyMnlQaktDdlphUWM3emY3THNRSnNyUXE2Y0xHdXlrUDY2cmtxcUdYYWZRSmtVYm1KWTZpd0J3cmZUMFRzYU5UWWtLeUpXSnZlR0szVHdOdFpkUzUvNWh6MGdEST18&cppv=2

73 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wheregoes.com/trace/20241611753/ 42 KB
12 KB 382ms
241ms Document
text/html 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/trace/20241611753/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd9b875c8827686cfac4d2575dae43ecabef2a3663069fd01c9325c66734488

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 869db8f6ff48886e-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 25 Mar 2024 09:02:31 GMT
link: <https://wheregoes.com/?p=19>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pnp3JsletNBXzdBO5augehoJu7lj74iu6f%2BcCUWoqf6A0qMOR0nPquUEAdLo07mFrkHybULtIqn1ZOdYlOrYbaDYwaYcv%2Bc2je3NH3pWSpH%2FO1GDRzBeglqobde3aIjku1cAIURVxjpvLAml"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 autoptimize_477c8b492022dd242b2a91bbab7e5c7f.css
wheregoes.com/c/cache/autoptimize/css/ 250 KB
87 KB 44ms
43ms Stylesheet
text/css 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/cache/autoptimize/css/autoptimize_477c8b492022dd242b2a91bbab7e5c7f.css

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20241611753/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ae93fccdf26b44bd25485924166ff1b2589817d5c0bc1398e75a2a1f32a54d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/trace/20241611753/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 212811
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 02:21:27 GMT
server: cloudflare
etag: W/"65fb99a7-3e828"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gf0hMZS2tAqrBhz3P8rXzP79czI6kVliT2ycgwZ8Sg2RTQVbKOZWeVvglWsyAgryFs20DXCqH0hD5gZJ%2BINHILJ%2F4DvAX9VKy26urGRSjULLaBcz8EmhhTxSuAthoRevveN2DU91MTzj%2F1ti"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 869db8f88934886e-LHR
expires: Fri, 21 Mar 2025 02:21:30 GMT

GET
H2 200 jquery.min.js Show response
wheregoes.com/wp-includes/js/jquery/ 86 KB
31 KB 154ms
154ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/jquery/jquery.min.js?ver=202403250990

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20241611753/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/trace/20241611753/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 14 Nov 2023 10:38:21 GMT
server: cloudflare
etag: W/"65534e1d-15601"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7HEQyr8ELAlomHybWVtLrvHzQn63oED2S5Zv07ulirtapm6FMSshkLbeTNzf5jiwek%2B5FFJySrGVg2WAD3VNb8MDGaexH%2F4W%2FUCi0vsa4XlSzlihvNonPyKj9xL17Kj0xQIPW4gv1j8vrNIL"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 869db8f89946886e-LHR
expires: Tue, 25 Mar 2025 09:00:01 GMT

GET
H2 200 jquery-migrate.min.js Show response
wheregoes.com/wp-includes/js/jquery/ 13 KB
5 KB 132ms
132ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=202403250990

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20241611753/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/trace/20241611753/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 22 Aug 2023 20:43:51 GMT
server: cloudflare
etag: W/"64e51e07-3509"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lawdf1RUqN881tBodOw24Lz5DQFy1fwex12QjE9cWpiYnalEYRZLU%2FivXaoFhO%2BCjZ7uQUVUp7ap9kr8glwe3qESNM3kzq25sS2y4lQOt%2F6nUk4%2FfLEIyE5ysD1uM6X0eK33QdKKLsskUl%2F2"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 869db8f89947886e-LHR
expires: Tue, 25 Mar 2025 09:00:00 GMT

GET
H3 200 script.js Show response
wheregoes.com/js/ 1 KB
1 KB 49ms
48ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/js/script.js

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20241611753/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/trace/20241611753/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 885
age: 1196
x-cache: EXPIRED
cdn-cachedat: 03/25/2024 07:16:31
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.1.5
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Mar 2024 08:05:03 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nl7G6cdqJYDklrwPDSZvEcAENwRaLN8ljyyNIHiTZpK4Nwmx%2F2Eu8hbq3oIehS%2Bk2RC%2FSTFLenpSa6mbyL1D3eZ%2Boyc1v6fENIif6pv4C4T6eUTQflrwzQhRI06fG%2BHSV6jXOG75bNwFfVZb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, max-age=14400
permissions-policy: interest-cohort=()
cdn-requestid: eaef3d5a03035578a76f7865e3929a59
cf-ray: 869db8f99c9679c6-LHR
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 init-1144pc80p2fur20uadwq.js Show response
api.fouanalytics.com/api/ 318 B
733 B 701ms
197ms Script
text/javascript 2606:4700:3037::6815:5f57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20241611753/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5f57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 822564c212b718dbe6e0f440dbf5c28d81763404fe74b1716625bef915d9ec3f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:32 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Z%2FLlx2%2FwKe5%2FAevgYyRQoAR%2BRh%2FyO94qYgfGohyKJd2tbExev6sXkm2rcqobSN212VRawMN6qkVNK7FqJPyMddhtTXjnXzDAORZF%2Fc8EWNWm58lucUJ7Rfzl%2FfS7v%2BzuHBQhWKL%2FsfgZGPMcPSL1Clllg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 869db8fcbbc26551-LHR
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H2 200 arrow-redirect-wheregoes.svg
wheregoes.com/c/themes/custom-theme/img/ 1 KB
879 B 39ms
38ms Image
image/svg+xml 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheregoes.com/c/themes/custom-theme/img/arrow-redirect-wheregoes.svg

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20241611753/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be0cd36c7aae81d58d929850be4471dcfdae950c9c90f99f1b43e5ed38f82dda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/trace/20241611753/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 161414
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 11 Apr 2021 19:20:06 GMT
server: cloudflare
etag: W/"60734be6-448"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jb0rYN76CepN2aBWh3q%2By0xxjiu94wln6oEBQjjcltITc6cKgGhF5%2FhJoBi90cil7B8bzgIPdoexMqOBqtWvuy43TxLXHIApb%2FyHHhEyL%2BGVKycM10IUWd1lL87rko3uQeOOJDLe6j8UB5jc"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 869db8f909bd886e-LHR
expires: Sat, 22 Mar 2025 09:06:45 GMT

GET
H2 200 index.js Show response
wheregoes.com/c/p/contact-form-7/includes/swv/js/ 11 KB
4 KB 118ms
117ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/p/contact-form-7/includes/swv/js/index.js?ver=202403250990

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20241611753/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/trace/20241611753/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 14:21:24 GMT
server: cloudflare
etag: W/"65fc4264-2cf9"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=49W3iWsZhm08q%2FTTZBqB2fPbeu8Nx%2BjO8sZ%2B7EiNsmyV%2F%2BGYYZmO3jeuKNkYNcr82mEiLguQA0BEh1llhPrZqDrYRFIhlgIT4tXoLkhzMjSKwACovZaXWrNyaXqdnVeyieKueExLz1OrXZ%2FT"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 869db8f909c0886e-LHR
expires: Tue, 25 Mar 2025 09:00:00 GMT

GET
H2 200 index.js Show response
wheregoes.com/c/p/contact-form-7/includes/js/ 13 KB
5 KB 117ms
117ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/p/contact-form-7/includes/js/index.js?ver=202403250990

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20241611753/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/trace/20241611753/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 21 Mar 2024 14:21:24 GMT
server: cloudflare
etag: W/"65fc4264-32fe"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=266yWYc52KXWfkJ3IuQjpMRxlrL%2FnCUVEeOlTgrBe%2B2DnwzgDqNCJA4Xs3Yi5xC0Hul%2FhuBcEm%2B8WUlt6jrewpzQ%2FaQbfIlSnlQN8Zp7AvOQCu6qEOia8vgmJ%2FpoPO1ojNa1bpBOUNh81rwf"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 869db8f95a2d886e-LHR
expires: Tue, 25 Mar 2025 09:00:00 GMT

GET
H3 200 main.js Show response
wheregoes.com/c/themes/custom-theme/dist/js/ 5 KB
2 KB 123ms
122ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/themes/custom-theme/dist/js/main.js?ver=202403250990

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20241611753/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19f4129c1cfc1a9fcb2e94b35853f3d2085c0807564e37971d1ccb6ef2a7e852

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/trace/20241611753/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 09 Feb 2023 20:32:40 GMT
server: cloudflare
etag: W/"63e55868-1464"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tfW0J%2BmxoRUK7eaJw7mm3ghpMVAmSfvQ46e6L5HymdtCJJMs3k5mgxSwYHYJ5HVeoD6bkgpwZmdf5zfDZfMNEZIsYU8%2FwbkKBqCtLuTCEESZuif42LsgcUpAzHOvZ3kqYgW78ad%2BElG7Zd0Z"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 869db8f99c8d79c6-LHR
expires: Tue, 25 Mar 2025 09:00:01 GMT

GET
BLOB 200
OK 390035c6-ad39-48dc-aca8-68b4747e31be
https://wheregoes.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wheregoes.com/390035c6-ad39-48dc-aca8-68b4747e31be
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20241611753/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 wheregoes.js Show response
cdn4.buysellads.net/pub/ 530 KB
148 KB 552ms
46ms Script
application/javascript 161.35.94.134
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/wheregoes.js?1711357200000
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20241611753/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.94.134 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-17.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 6e357b224727d944d9a54c98d2afe8c4c0b0bc05474087c9616a3da4f4ea9ba8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:32 GMT
cache-control: public, max-age=3600, stale-while-revalidate
content-encoding: gzip
server: //srv.buysellads.com
etag: 8ac86d0823d40c5964a7a2d88d1e2c25c873ee03
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 logo-h-blue.svg
wheregoes.com/c/themes/custom-theme/img/ 15 KB
6 KB 42ms
42ms Image
image/svg+xml 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheregoes.com/c/themes/custom-theme/img/logo-h-blue.svg

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_477c8b492022dd242b2a91bbab7e5c7f.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_477c8b492022dd242b2a91bbab7e5c7f.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 210849
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 11 Apr 2021 19:20:03 GMT
server: cloudflare
etag: W/"60734be3-3afa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gXCwDZKinrvSEMTIaR0hM6TVFE3vZZUaPQfcl%2F62W5YJEhtPZErevJnA3UGKxKJmF6%2B%2F7VzQgYVPrq7%2BjO9PyZ1Sjx%2FN4oJB%2FxrjrofJPdnmnP07RCxT%2BhR2IItgNPQD%2BqGstru9EdDgWBJW"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 869db8f9cd2b79c6-LHR
expires: Thu, 13 Mar 2025 18:00:06 GMT

GET
H3 200 wheregoes.woff2
wheregoes.com/c/themes/custom-theme/fonts/ 8 KB
8 KB 41ms
40ms Font
font/woff2 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wheregoes.com/c/themes/custom-theme/fonts/wheregoes.woff2?90359859
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_477c8b492022dd242b2a91bbab7e5c7f.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b

Request headers

Referer: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_477c8b492022dd242b2a91bbab7e5c7f.css
Origin: https://wheregoes.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:31 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 210849
alt-svc: h3=":443"; ma=86400
content-length: 8024
last-modified: Fri, 18 Jun 2021 18:52:37 GMT
server: cloudflare
etag: "60cceb75-1f58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5AhXhfOHOA9v9IJdbWrsDtLSnn6%2FXYq3BpiXVOeBWRfIJxeMvW%2B%2BOoqBK0Asex4B%2BHlkw5yAB3gTlnHQESvLtJT7%2FQmR%2FwkYSOt%2BdfoTGLXs6L7mZDWkhg00BBnCUTfNh1dBYkKOeXd1x9z"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 869db8f99cc579c6-LHR
expires: Tue, 18 Feb 2025 15:23:30 GMT

POST
H3 202 event Show response
wheregoes.com/api/ 2 B
762 B 221ms
221ms XHR
text/plain 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/api/event

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/js/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wheregoes.com/trace/20241611753/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Mar 2024 09:02:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 885
cdn-cachedat: 03/25/2024 09:02:32
cdn-pullzone: 682664
application: 10.0.1.5
alt-svc: h3=":443"; ma=86400
content-length: 2
x-request-id: F7_2cdO8lXnA2dYKKNAB
cdn-proxyver: 1.04
cdn-requestpullcode: 202
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IY9zA6KyFK52RGVGXZEdHsTvxGuQtRmapArLOi7yiVnbYTexZNWGCUlJ4RODmDgg%2FFB38zMOPrJgV0vsSaxAZcDQlo89CCBfbaFfTjkQC9dnYZzs454ZA0sOLhKOUbGELL4qZKb%2BjYPGA9n3"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: fcf440d58b7e3aa475e39fac61e23f77
cf-ray: 869db8fa5e0579c6-LHR
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H3 200 wp-emoji-release.min.js Show response
wheregoes.com/wp-includes/js/ 18 KB
5 KB 127ms
127ms Script
application/javascript 2606:4700:3035::ac43:b70e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/wp-emoji-release.min.js?ver=202403250990

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20241611753/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:b70e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/trace/20241611753/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Apr 2023 20:53:50 GMT
server: cloudflare
etag: W/"642ddfde-4904"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YisMzQ2BuHOBhPAJBclHggvWIMvSYI%2BRi18ByBy5l9wFwq5xBHoaDY%2BzfZdfcE%2FO7j6XfHBO56MI1XFT0NOLdSEOVxQWxWGPNFBxtBeNkD3oVwF7HRFYSjukTPkSGBIDBZVexwV3wV8mgXte"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31536000
cf-ray: 869db8fa5e0679c6-LHR
expires: Tue, 25 Mar 2025 09:00:05 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 582ms
99ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1711357200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41a436d1adf50649e0f3488bdf298b4db082fc399ce9fbac467de812e595ddba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29016
x-xss-protection: 0
server: cafe
etag: 541 / 19807 / 31082082 / config-hash: 7451382360635560207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Mar 2024 09:02:33 GMT

GET
H2 200 pp.js Show response
api.fouanalytics.com/s/ 15 KB
6 KB 39ms
39ms Script
text/javascript 2606:4700:3037::6815:5f57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/pp.js
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:5f57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d20c481e50170ca79ba8d1e25956a4dd11088bdd7ccd13cdd0b45f96b20c535

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 38136
etag: W/"65d76e3f-3bdb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vi681Oa%2B%2FZjb6%2BsBZHo8U31q%2BReiVwMDhi%2FqnY4hUHoAoTuQNvZRyI4vRNILj%2BQLVoyewLNWslm94r8%2FCgRh32zSqjrV8niDnqRF%2FVryoYs0moi%2FG89frY1hAL05XXuGOJ45qDzdF0GezCtcIAM3AvvPig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=86400
cf-ray: 869db8fdfd4f6551-LHR
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a80ebeed7992416416468212d7ca0356ae148e0bd5111e0bcec29f0f1ca6f7c3

Request headers

Referer
Origin: https://wheregoes.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/ 438 KB
138 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fe53cf7f03d12af875315353f6ab8df7a936fa9e26cbe0c5e2f1dc7269652b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 24 Mar 2024 11:06:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78939
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141049
x-xss-protection: 0
server: cafe
etag: 7927512453849819874
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 24 Mar 2025 11:06:54 GMT

POST
H3 200 x
api.fouanalytics.com/api/ 0
453 B 226ms
225ms Ping
text/plain 2606:4700:3037::6815:5f57
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:5f57 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://wheregoes.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 25 Mar 2024 09:02:33 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rXGK37PaADW7JQJOMu4l6UURX396mzpLF95fHAF%2F5BOuNBZ%2BKy5KXX0etmEeoOHPe7auy9YW7gqKwFJIyvZJKkVf4A7F4O%2BoD9gEdoB88tGqupKJ21ZiOWVGfDqwlgiSPYX15xikqh3dnWzRxvKlV%2F%2BNlA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 869db901ffe6640f-LHR
alt-svc: h3=":443"; ma=86400
priority: u=4,i

GET
H2 200 CEAIT5QE.json Show response
srv.buysellads.com/ads/ 1 KB
657 B 202ms
60ms Fetch
application/json 161.35.94.167
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CEAIT5QE.json?forcebanner=530470&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1711357200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 161.35.94.167 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-18.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: 97dec39d6a32478d9c201a0de1eb3c48ff2e972dcf599553df2b2ea609fbc0dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:33 GMT
content-encoding: br
server: //srv.buysellads.com
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: *
content-length: 522

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 1 KB
2 KB 284ms
132ms Fetch
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20241611753%2F&PageUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20241611753%2F&PageReferrer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20241611753%2F

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1711357200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

00d6b67ca0e170d4a9ad7e0d1d92f9d7a0d06dd0fa9532992dc85f12fe774977

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wheregoes.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:33 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 96
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 1241
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
192 B 249ms
94ms Fetch 178.250.1.8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.41.0&cb=54506125319&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1711357200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://wheregoes.com
date: Mon, 25 Mar 2024 09:02:32 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ 1 KB
643 B 354ms
193ms Fetch
application/json 51.38.120.206
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1711357200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),

Reverse DNS

ip206.ip-51-38-120.eu

Software

Resource Hash

19cb0e347a14c911e581de87f199aafa3df122891112ebb24da4ed023250fd32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wheregoes.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://wheregoes.com
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 273
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900

POST
H2 200 adreq Show response
ads.servenobid.com/ 693 B
666 B 234ms
64ms Fetch
application/json 54.194.237.178
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=8378
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1711357200000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.237.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-237-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ace147b15952e57d7696b7c0acc2a11bc405c9c25cc836978e1ac1f4616751cf

Request headers

Referer: https://wheregoes.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 25 Mar 2024 09:02:33 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 13 KB
7 KB 443ms
286ms Fetch
application/json 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1711357200000

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

3374acf83f6a0790d6479117960a5dcdaf14ea4e199998dbc7c6f50f88cc53c6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:33 GMT
content-encoding: gzip
an-x-request-uuid: cb60583d-094e-4221-a607-8c023a01e1a7
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wheregoes.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 194.74.212.120; 194.74.212.120; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 24 B
275 B 258ms
66ms Fetch
application/json 54.73.171.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.41.0
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1711357200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.73.171.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-171-109.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ea45ccca8c7a09a2f27c8fbb250e7a3aecdd4977d68b8864a50931ce653d5143

Request headers

Referer: https://wheregoes.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 25 Mar 2024 09:02:33 GMT
vary: Accept-Encoding, User-Agent
access-control-allow-methods: GET, POST, DELETE, PUT
content-type: application/json
access-control-allow-origin: https://wheregoes.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Content-Type
content-length: 24

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
1 KB 294ms
167ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1711357200000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 3a2ee1027a493413ff804d1bc3887dd6ca9d91949f08161f7ac61896ec1282d3

Request headers

Referer: https://wheregoes.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:33 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wheregoes.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 25 Mar 2024 09:02:33 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 433 B
773 B 356ms
108ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=2&alt_size_ids=55&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20241611753%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20241611753%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&tk_flint=pbjs_lite_v8.41.0&l_pb_bid_id=42b9d38e49496fd&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&m_ch_mobile=%3F0&slots=1&rand=0.21937392678320267
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1711357200000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 9d2ccdcea4bb26f693015f34e4ce2627f9b730007b330b9bbb9f50aab1491cb8

Request headers

Referer: https://wheregoes.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 433
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 411 B
922 B 355ms
108ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20241611753%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20241611753%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&tk_flint=pbjs_lite_v8.41.0&l_pb_bid_id=43a418d691c4a44&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&m_ch_mobile=%3F0&slots=1&rand=0.014491931476201314
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1711357200000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b55e1adb134099fbed1d6ac7b531b0d73c3f623d007ef0cfb8b0fc1393d8f2c3

Request headers

Referer: https://wheregoes.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 411
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 442 B
780 B 358ms
112ms Fetch
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20241611753%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20241611753%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&tk_flint=pbjs_lite_v8.41.0&l_pb_bid_id=441ff9ac0465f42&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&m_ch_mobile=%3F0&slots=1&rand=0.6412605790918025
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1711357200000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6cedb5bf9633e423128fc5d84aed80519171142c2271c156e503a216b8b98a3c

Request headers

Referer: https://wheregoes.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:33 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 442
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 166 KB
30 KB 267ms
96ms Fetch
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=1975335268509769&correlator=2436419584695002&eid=31079956%2C31081969%2C31081973%2C31081979%2C31082082&output=ldjh&gdfp_req=1&vrg=202403190101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=8691100%2CWheregoes_S2S_Leaderboard_ATF_ROS%2CWheregoes_S2S_Sidebar_ROS_Pos1%2CWheregoes_S2S_Sticky_Sidebar_ROS_Pos2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%7C120x600%7C160x600%7C300x600&ifi=1&sfv=1-0-40&eri=1&sc=1&abxe=1&dt=1711357353826&lmt=1711357353&adxs=436%2C1091%2C1091&adys=440%2C666%2C950&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20241611753%2F&vis=1&psz=960x267%7C300x1236%7C300x1236&msz=960x90%7C300x250%7C300x600&fws=516%2C0%2C512&ohw=960%2C0%2C0&ga_vid=1684914554.1711357354&ga_sid=1711357354&ga_hid=719143707&ga_fc=false&dlt=1711357351749&idt=1533&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1641228026595-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_creative%3D381846714%26hb_adid%3D46798d431a4c471%26hb_bidder%3Dappnexus%26_bd%3Dbid%26_pl%3D0.00%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D46798d431a4c471%26hb_bidder_appnexus%3Dappnexus%7Coptimize_ad_unit_id%3Dbsa-zone_1641228120494-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1641318529900-6_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dwheregoes%26optimize_xp%3Da&adks=1696759606%2C2861055222%2C3809685794&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce2fd09250835389e5dda057cd51744d3d0fba0c33f0bf309552a5038281e11c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30718
x-xss-protection: 0
google-lineitem-id: 5324395187,5320060794,5324395187
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138305885909,138305848162,138305874978
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 254ms
85ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

477d3a706126edd285c4364d609e84d08952047584058a6f024f7409da13067e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12145
x-xss-protection: 0

GET
H2 200 container.html Show response
3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8EE4 6 KB
3 KB 278ms
89ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Mar 2024 09:02:34 GMT
expires: Tue, 25 Mar 2025 09:02:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 309ms
121ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 09:02:34 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame DCD7 0
0 285ms
123ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst_atW7m785MB-9N1Zdh7gEqKa1xfiGP7VGTgRMAe3GEoH5Y_3qasA1ctmiUIH-DQItGcGsjuj5OubBY_jc6ZlLvQvdUaoU7rLxoG8MgbZv910xCNOh06CCLjqZJ2eix43_046GrBE4K9dfzQXC0Dfd1LVK103sDo1jyF30V0bN3X_uQ9-ohFE11SE-qrKmwc1YujF0CKgedmjjtLXWnzQSOvkJ198fxvVsCUUFdJ2SsuX6Oylis4r8rp4z5SjoRY5qZUo135y6Hk9n2jEfT1MvqJBWUxeU9cZAls0SLPjEQLgXVs-lpbOcA15h8bVSD_fVnvQjEAM2O9AsTVGBW0NS7Ui5m1O5oIyHHrQScfSEcDUQn-uX2A&sig=Cg0ArKJSzPn0R0rlv7CjEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20241611753/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame DCD7 23 KB
9 KB 334ms
172ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 08:44:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Apr 2024 08:44:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame DCD7 3 KB
1 KB 336ms
175ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 08:44:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Apr 2024 08:44:07 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame DCD7 206 KB
62 KB 237ms
77ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 08:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Mar 2024 09:28:41 GMT

GET
H2 200 14411045596044271614
tpc.googlesyndication.com/simgad/ Frame DCD7 94 KB
94 KB 223ms
77ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14411045596044271614

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d08b67c252083a37cb7295ba5796d73c6e205c7aabe133d9cb604b73ea5985c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Wed, 19 Mar 2025 23:13:24 GMT
date: Tue, 19 Mar 2024 23:13:24 GMT
x-content-type-options: nosniff
age: 467350
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96289
x-xss-protection: 0
last-modified: Tue, 10 Mar 2020 20:29:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 container.html Show response
3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F49E 6 KB
3 KB 48ms
46ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Mar 2024 09:02:34 GMT
expires: Tue, 25 Mar 2025 09:02:34 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 467D 0
0 262ms
122ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssyhRW0tKaa5lLLZL_iAXOCd61nAspAMjTiGQ636OUkX6H_s9AlrDUBAJeRErgfByeyqwuczmzSBd-sQPJnymdEMAjPCd02Djy2_2eK6V2BTaUjVhUknfn5UclhtoGvfL5NizvOfuL6DZ9ZT9i8C5T6GlmzXM56PQZvrmxtUngQgEwDZjMjAwxOcH--HM66LPPwBdqXDJMDhcTCWrFtSBY3rFhm1Eic2KXxKiNpLnDQsJtq89rwh2kVxUAv8msfao0WPt58YjHYVBoyu1BtLTXNWm1c-vt44V9RA82DdlK4AmTFo4cAQODIzAjeHAUEDjleYv7N95lRNotrEaPOJghflWdBKjZa961pr3R3Q0M4UbXlDr80A7JTR-8&sig=Cg0ArKJSzGQhdd913aWsEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20241611753/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame 467D 23 KB
9 KB 181ms
42ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 08:44:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Apr 2024 08:44:07 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 467D 3 KB
1 KB 314ms
175ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 08:44:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Apr 2024 08:44:07 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 467D 206 KB
62 KB 183ms
45ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 08:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Mar 2024 09:28:41 GMT

GET
H2 200 8501118484541795674
tpc.googlesyndication.com/simgad/ Frame 467D 88 KB
88 KB 182ms
57ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8501118484541795674

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403190101/pubads_impl.js?cb=31082082

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4987ec68837273fe612c09892841f5011f57d542e12b1567db12e18e5e214ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Wed, 19 Mar 2025 00:46:35 GMT
date: Tue, 19 Mar 2024 00:46:35 GMT
x-content-type-options: nosniff
age: 548159
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90087
x-xss-protection: 0
last-modified: Tue, 10 Mar 2020 20:31:43 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame DCD7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc7ef9dd5e7a9e9f3563b72bc8e179e6ac2adb351549915694f663b5dc09c619

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 467D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e27058b12e0720b0b8a20d22415ed984424dd236264799aea05f269f7f5374c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F49E 24 KB
7 KB 135ms
55ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com
URL: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Mar 2024 07:51:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 522657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 19 Mar 2025 07:51:37 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame F49E 23 KB
9 KB 261ms
169ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Host: 3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com
URL: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 08:44:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1107
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Apr 2024 08:44:07 GMT

GET
H2 200 ttj Show response
secure.adnxs.com/ Frame F49E 8 KB
4 KB 62ms
61ms Script
application/javascript 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ttj?id=18678115&size=300x250&cb=399889148&pubclick=https://pagead2.googlesyndication.com/pcs/click%253Fxai%253DAKAOjsuhyK-XO1ykbApR3Jp2kjBSa3z0SqcJgO7yXfQU7cr4lswZAlOBgSZz10FOebJBDBKTSVmngjWVOIghi80Jm_Y3IiluOwgjtyM2hD5bJbNwXXZDy5U4F2D38qSdHzYZ8mVC9E3Y6xhKejgTvPH4nLcgG413NJ9a_85_S6W5HO0URmmnBhTLotxMBLBjMt7u5-uKso16S_JQm2wE_VZHDFW14xf2-k3wkkZ2Qgf_R7jxvyKnmlOdr3qTywqvpt7m4D9JF82AABXZ6gQA6nV2j7M76HK8GeXjgunsy849x970btFRp5aLHi5SJfXLe-Ph9G6Cz1Xw_Aei6HYDeuq5CA_fvNSYJBcjuTRWvSirFYfxf0cxLg-X%2526sig%253DCg0ArKJSzEEGYVBI8VWsEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D

Requested by

Host: 3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com
URL: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

705197fe8f4d04fb5aeb1c14c6f6a77f54f850815a0945f70e396d38e0bb4c4a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:34 GMT
content-encoding: gzip
an-x-request-uuid: 9487fd06-8fb5-4de6-b8f6-e81b2266d1b6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 194.74.212.120; 194.74.212.120; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F49E 206 KB
62 KB 153ms
61ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: 3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com
URL: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 08:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 25 Mar 2024 09:28:41 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F49E 0
0 96ms
95ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuMOsK5eSV2-IxEzNGGg5e-42KBxQHX_NRpFgu8wEZcHvNtz3G6vufkyJ3eS1wA4hql0_V8UrChmKhCYaxd-FvrlpDdPK4XIG8FmbNeqB_f_VcZvXb6w8VcKSUhtOHMIs1jAs-EliznB9vXuvliT666gDwBfwfVXaE6uRdWsEMhkplZUYIQmZD-Bd4cAAiYz1pGFKKdfFnKkeGBdqh50nhbUayh2Q6O13iGa5mhDfjc2AQJ1hNq-TZ3MzQxWMcjjR_iAG1i_sJwaUIIe02qGoknLJRz52LZ0-uKS66F2flGk4gCYMFCu9-fFgP0Y7u3Cx4T0mCONPEjZKofrzcjhuiSg2Oc0nkiAVsuPGUGyq5X9S148w&sig=Cg0ArKJSzAApjk-YiOydEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: 3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com
URL: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sync Show response
gum.criteo.com/ Frame F49E 51 B
293 B 448ms
292ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a

Requested by

Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=300x250&cb=399889148&pubclick=https://pagead2.googlesyndication.com/pcs/click%253Fxai%253DAKAOjsuhyK-XO1ykbApR3Jp2kjBSa3z0SqcJgO7yXfQU7cr4lswZAlOBgSZz10FOebJBDBKTSVmngjWVOIghi80Jm_Y3IiluOwgjtyM2hD5bJbNwXXZDy5U4F2D38qSdHzYZ8mVC9E3Y6xhKejgTvPH4nLcgG413NJ9a_85_S6W5HO0URmmnBhTLotxMBLBjMt7u5-uKso16S_JQm2wE_VZHDFW14xf2-k3wkkZ2Qgf_R7jxvyKnmlOdr3qTywqvpt7m4D9JF82AABXZ6gQA6nV2j7M76HK8GeXjgunsy849x970btFRp5aLHi5SJfXLe-Ph9G6Cz1Xw_Aei6HYDeuq5CA_fvNSYJBcjuTRWvSirFYfxf0cxLg-X%2526sig%253DCg0ArKJSzEEGYVBI8VWsEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 286958
expires: 60

GET
H2 200 ttj Show response
secure.adnxs.com/ Frame F49E 9 KB
5 KB 451ms
450ms Script
application/javascript 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ttj?ttjb=1&bdc=1711357354&bdh=Fof7uj0WBhcDf8NNQiUPwIhM6Jk.&&bdref=https%3A%2F%2Fwheregoes.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwheregoes.com%2F,https%3A%2F%2F3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&&id=18678115&size=300x250&cb=399889148&pubclick=https%3A%2F%2Fpagead2.googlesyndication.com%2Fpcs%2Fclick%253Fxai%253DAKAOjsuhyK-XO1ykbApR3Jp2kjBSa3z0SqcJgO7yXfQU7cr4lswZAlOBgSZz10FOebJBDBKTSVmngjWVOIghi80Jm_Y3IiluOwgjtyM2hD5bJbNwXXZDy5U4F2D38qSdHzYZ8mVC9E3Y6xhKejgTvPH4nLcgG413NJ9a_85_S6W5HO0URmmnBhTLotxMBLBjMt7u5-uKso16S_JQm2wE_VZHDFW14xf2-k3wkkZ2Qgf_R7jxvyKnmlOdr3qTywqvpt7m4D9JF82AABXZ6gQA6nV2j7M76HK8GeXjgunsy849x970btFRp5aLHi5SJfXLe-Ph9G6Cz1Xw_Aei6HYDeuq5CA_fvNSYJBcjuTRWvSirFYfxf0cxLg-X%2526sig%253DCg0ArKJSzEEGYVBI8VWsEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

6ac3b3e0ab1c3161a042fa0f430a857d9e51e5e7833855a4a7843c33fea5f50b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:34 GMT
content-encoding: gzip
x-creative-id: 381846714
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-proxy-origin: 194.74.212.120; 194.74.212.120; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection: 0
pragma: no-cache
an-x-request-uuid: 155f9c47-0643-4f9e-b30b-37e91b819fff
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63D9 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1106
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 25 Mar 2024 08:44:08 GMT
expires: Tue, 25 Mar 2025 08:44:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame 467D 0
0 303ms
302ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvMUWnJdtPhN3nQx2zGoiYD_VILt-HNc0TOGIE00guLL1uPD1OxgrutHJlJIrZgxsyNSCjPIyAzCxI2flci2prFmZQH7cHWwWu-rHTCSqUJyUTc3p7qlvy6VH-n4pIpnUFTM0w5-Xtwe2iVjQkyvk23PbK5EdB43lANnB1pydGKBKGgyHxGC4PPzTzIzyZ50QV_KiRvtagJa4ZIOcyKU1aVv52DlUn4cfSf7IMbtzZqcDa22OdxGdPkId7CDtjnJqVU9uccr6o9kE8EBbn481YhXwlKLznmxW5Hz1_a34tdnSPeYuvQAyrjtmstHxUBbmt21EBAbHJmPIUaB77YAwx0hOsHr1cN_cK_BetVQDjRKN0U1ipGX5Tx1o-HGw&sig=Cg0ArKJSzMwEntRJaVGKEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame DCD7 0
0 271ms
270ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss22gNSfMc5kDzd_6vHxpK4FNJ7MD-Vq485ekvEsH_c1Z6CoaVkD11O0cPb90mIZZj9Xv4IBAIq0g3sjG6Te0H4r-wkbQ-E3bgHxlE1csrr_6ItEizUXD2eGDHUIhK0YaIdpBtQWUkOIH86ghEN_4g2Ov_3_6I_fVljmysdfpuAhMCuIkBnWLubBiKKLkyQVimq0vr3uN6ru1NpdeSBaVg79poAs4CAy8jYfMBcJ2tB6xswlaWd7HNktjiv776ZHcZhzu_xL264YGppHpIajhudTkouaOWWMgPpKbVlrBLT0MswFfENRpOzY-0i1R6U7J-eF9A9bvbjZgDA9y2n6atRDCGBhMw16ER2XnNIQRp9E29lnP-dgjlA&sig=Cg0ArKJSzAOqkm4yLvUwEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 63D9 40 KB
16 KB 257ms
257ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 08:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1735
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Mar 2025 08:33:39 GMT

GET
H2 200 sdk.js Show response
adsdk.microsoft.com/native-to-display/ Frame F49E 96 KB
39 KB 677ms
264ms Script
application/javascript 2620:1ec:46::43
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by: Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1711357354&bdh=Fof7uj0WBhcDf8NNQiUPwIhM6Jk.&&bdref=https%3A%2F%2Fwheregoes.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwheregoes.com%2F,https%3A%2F%2F3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&&id=18678115&size=300x250&cb=399889148&pubclick=https%3A%2F%2Fpagead2.googlesyndication.com%2Fpcs%2Fclick%253Fxai%253DAKAOjsuhyK-XO1ykbApR3Jp2kjBSa3z0SqcJgO7yXfQU7cr4lswZAlOBgSZz10FOebJBDBKTSVmngjWVOIghi80Jm_Y3IiluOwgjtyM2hD5bJbNwXXZDy5U4F2D38qSdHzYZ8mVC9E3Y6xhKejgTvPH4nLcgG413NJ9a_85_S6W5HO0URmmnBhTLotxMBLBjMt7u5-uKso16S_JQm2wE_VZHDFW14xf2-k3wkkZ2Qgf_R7jxvyKnmlOdr3qTywqvpt7m4D9JF82AABXZ6gQA6nV2j7M76HK8GeXjgunsy849x970btFRp5aLHi5SJfXLe-Ph9G6Cz1Xw_Aei6HYDeuq5CA_fvNSYJBcjuTRWvSirFYfxf0cxLg-X%2526sig%253DCg0ArKJSzEEGYVBI8VWsEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:46::43 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: fbeab1f0e0d16ab6ad4b762b0ea2f43a9c01795def4573b6d1a772bd91e28acf

Request headers

Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
Origin: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 25 Mar 2024 09:02:35 GMT
content-encoding: br
last-modified: Fri, 22 Mar 2024 18:25:14 GMT
vary: Accept-Encoding
x-azure-ref: 20240325T090235Z-d4fxvxgxed71m6hfwvzknrpwes000000092g000000013au0
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 91b623ba-601e-009d-2e86-7c52d2000000
cache-control: private, max-age=3600, stale-while-revalidate=86400
x-cache: TCP_HIT
x-ms-version: 2009-09-19
x-fd-int-roxy-purgeid: 67545430

GET
H2 200 it
fra1-ib.adnxs.com/ Frame F49E 0
972 B 84ms
72ms Image
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwheregoes.com%2F&e=wqT_3QLkC_BM5AUAAAMA1gAFAQiq-4SwBhDC1-6k4efDlksYh6HD7Yzw7ttaKjYJHR7sMA3qxD8Rz0_gVFnewz8ZAAAAQOF6xD8hz0_gVFnewz8pHR4JJAAxCRuwhD8w44L0CDjKQUC1XkjjA1C6iYq2AViY1VJgAGiR92t4AIABAYoBA1VTRJIBAQb0EwKYAawCoAH6AagBAbABALgBAsABBcgBAtABANgBAOABAOoBrARodHRwcyUzQSUyRiUyRnBhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tJTJGcGNzJTJGY2xpY2slMjUzRnhhaSUyNTNEQUtBT2pzdWh5Sy1YTzF5a2JBcFIzSnAya2pCU2EzejBTcWNKZ083eVhmUVU3Y3I0bHN3WkFsT0JnU1p6MTBGT2ViSkJEQktUU1ZtbmdqV1ZPSWdoaTgwSm1fWTNJaWx1T3dnanR5TTJoRDViSmJOd1hYWkR5NVU0RjJEMzhxU2RIellaOG1WQzlFM1k2eGhLZWpnVHZQSDRuTGNnRzQxM05KOWFfODVfUzZXNUhPMFVSbW1uQmhUTG90eE1CTEJqTXQ3dTUtdUtzbzE2U19KUW0yd0VfVlpIREZXMTR4ZjItazN3a2taMlFnZl9SN2p4dnlLbm1sT2RyM3FUeXdxdnB0N200RDlKRjgyQUFCWFo2Z1FBNm5WMmo3TTc2SEs4R2VYamd1bnN5ODQ5eDk3MGJ0RlJwNWFMSGk1U0pmWExlLVBoOUc2Q3oxWHdfQWVpNkhZRGV1cTVDQV9mdk5TWUpCY2p1VFJXdlNpckZZZnhmMGN4TGctWCUyNTI2c2lnJTI1M0RDZzBBcktKU3pFRUdZVkJJOFZXc0VBRSUyNTI2ZmJzX2FlaWQlIa5AJTI1MjU1Qmd3X2Zic2FlaWQJEQUYHDZ1cmxmaXglASgAMQEYFDZhZHVybAUQOPABANgCAOACn_A_6gIWaEE6mDovL3doZXJlZ29lcy5jb20vgAMAiAMBkAMAmAMZoAMBqgOrAwrBAhUsGHd3LmJpbmcFK_B5YXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NWZlNWQ2YzUtOWQ2NC00NmMyLTllMmMtYWI4MzIwNDE5MmZiJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW4ZXBhwdWJsaXNoBSksMTYyNjQ1MzMwJnJJmnEAuHJ0eXBlPW51cmwmdGFnSWQ9MTg2NzgxMTUmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_wQ192Y3FyaXZwciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzU0MTcwMDI2ODYxMDQ3MTAwODIiCTM4MTg0NjcxNCoEIV7w3jo4VTJWaGNtTm9RV1FqTnprNU1qQTRPREkzTWpVMk1qRWpNak16TVRjeU1EVTJOVFV4TURVME1RPT3AA9gEyAMA2APF1PIB4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIEDjE5NC43NC4yMTIuMTIwqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBLqJirYBiAUBmAUAoAXjz6q9prT7lVvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXw1F76BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBsKNBNoGFgoQCRIZAQGLXOAGAfIGAggAgAcBiAcAoAcByAcA0gcNCREmASQM2gcGCAUJuOAHAOoHAggA8AeAqRCKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=7febe349232d2d65fe17f29d1f2a0b12ed33e0f7

Requested by

Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1711357354&bdh=Fof7uj0WBhcDf8NNQiUPwIhM6Jk.&&bdref=https%3A%2F%2Fwheregoes.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwheregoes.com%2F,https%3A%2F%2F3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&&id=18678115&size=300x250&cb=399889148&pubclick=https%3A%2F%2Fpagead2.googlesyndication.com%2Fpcs%2Fclick%253Fxai%253DAKAOjsuhyK-XO1ykbApR3Jp2kjBSa3z0SqcJgO7yXfQU7cr4lswZAlOBgSZz10FOebJBDBKTSVmngjWVOIghi80Jm_Y3IiluOwgjtyM2hD5bJbNwXXZDy5U4F2D38qSdHzYZ8mVC9E3Y6xhKejgTvPH4nLcgG413NJ9a_85_S6W5HO0URmmnBhTLotxMBLBjMt7u5-uKso16S_JQm2wE_VZHDFW14xf2-k3wkkZ2Qgf_R7jxvyKnmlOdr3qTywqvpt7m4D9JF82AABXZ6gQA6nV2j7M76HK8GeXjgunsy849x970btFRp5aLHi5SJfXLe-Ph9G6Cz1Xw_Aei6HYDeuq5CA_fvNSYJBcjuTRWvSirFYfxf0cxLg-X%2526sig%253DCg0ArKJSzEEGYVBI8VWsEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:34 GMT
an-x-request-uuid: e9f6f288-132d-4c2a-a238-3426083564cd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 194.74.212.120; 194.74.212.120; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/243/ Frame F49E 80 KB
28 KB 159ms
30ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/243/trk.js
Requested by: Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1711357354&bdh=Fof7uj0WBhcDf8NNQiUPwIhM6Jk.&&bdref=https%3A%2F%2Fwheregoes.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwheregoes.com%2F,https%3A%2F%2F3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&&id=18678115&size=300x250&cb=399889148&pubclick=https%3A%2F%2Fpagead2.googlesyndication.com%2Fpcs%2Fclick%253Fxai%253DAKAOjsuhyK-XO1ykbApR3Jp2kjBSa3z0SqcJgO7yXfQU7cr4lswZAlOBgSZz10FOebJBDBKTSVmngjWVOIghi80Jm_Y3IiluOwgjtyM2hD5bJbNwXXZDy5U4F2D38qSdHzYZ8mVC9E3Y6xhKejgTvPH4nLcgG413NJ9a_85_S6W5HO0URmmnBhTLotxMBLBjMt7u5-uKso16S_JQm2wE_VZHDFW14xf2-k3wkkZ2Qgf_R7jxvyKnmlOdr3qTywqvpt7m4D9JF82AABXZ6gQA6nV2j7M76HK8GeXjgunsy849x970btFRp5aLHi5SJfXLe-Ph9G6Cz1Xw_Aei6HYDeuq5CA_fvNSYJBcjuTRWvSirFYfxf0cxLg-X%2526sig%253DCg0ArKJSzEEGYVBI8VWsEAE%2526fbs_aeid%253D%25255Bgw_fbsaeid%25255D%2526urlfix%253D1%2526adurl%253D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 82da873956888d3a0a1db331a301c9b95de6937c0acf64c33a2c9fc711b7fb54

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Expires: Thu, 06 Mar 2025 13:25:27 GMT
Date: Mon, 25 Mar 2024 09:02:34 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 1625827
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 27680
X-Served-By: cache-lga21945-LGA, cache-lcy-eglc8600024-LCY
Last-Modified: Wed, 06 Mar 2024 13:23:40 GMT
Server: AkamaiNetStorage
X-Timer: S1711357355.965241,VS0,VE0
ETag: "8ddbd8bafc2492a69e46a808a5e2a727:1709731420.917212"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 8, 1861560

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 63D9 0
10 B 41ms
40ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AvpY8w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403190101&jk=1975335268509769&bg=!LyylLGPNAAZaswqNerM7ADQBe5WfOK6ME-Xdo04kGtsHPBYU6ncKCnMhwfg4m7Z-J_PPxk6l5wOFZCUtBdApahah8fogAgAAAGxSAAAAAmgBB34ANQVNp3lI0qJJXr0ClTcgiku_bKMp4YBT1rbIMDE3G7d9osJOBV2fE73B2-vVGhPn7-6alnjLCgAybRpWOPuCvqzZX9aeuP3YoIgwzQyBqfDhJ7wqTESRFwxlco8KNAwpd_2BM0Owj_apxTeZAloE2c04yB-1rmgLWuakF6Qw7la252Ph1_2LCuPaolOfpM1G7vaBnlmHBic-MrbWknkUQNEqd7CymNkgvR7kJTW2YvFVlIv0j9EW5zr8spbJNezdV6VDSmAp8fmGOKwzptGuwpeQ-v08FCJSlGmS-ev5Hxm0VVHE_wcahyiqhcck9dwkw_atKU10ADc0W4Z91FzS5ApbmxLTUDdTLkNOrSOvRu8H-2q1CHRTO2-pFGWmvK2ILqO2Zkx2ZD7h0O2t_T48ocQVQE1_gCffB9xj6bTsLdx2wcJrVK-3v9L0xgFxSguq4IjkHhgQultX3gTKOOyrh6kYj1JiyMl7XIWqfLJ31k_MepifiDVAsfWfbwt8vYhrnh3CWDAaBWs97XVm-nz1A7oPLThtJDa7f_7qXppLKwgldKXu0V8XBjt4xHxd-OMt1RJ59FbNFsg_5w3WGuHe0hkFDXVMdRuT9fIR-LarjCzr2nxbQwBJ-gdRUOVk7vkfsxB8yEL9pGemMwPZ2_E0osh_OQUoYijlooT20TCGMvdvmVCyndr1EEl1XXzazAqCDdUSNMKcCTvcmSZrG1Xec4Yg-0xmN8WGnWe2YBc_Wnm18ptQ9Rr-WhyoPmJ8HyS-Dq8tWjaZcrDAKldnmRJxpWPzfFvyAbj7drSBdDBXj6yo6m76in_XX5DeRmh3QJtD0dwnH85AWCZt5vZ79XM77-SF1-dz2EwW3-9G8r7u3sGQ68kyneHaGZYitOVytxHFn-ALMwYIpF3hm-sxq2Q-JYnPnhwgj7OH_apb970L14o9XRJZQPzOeQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H2

200

c.gif
www.bing.com/aes/ Frame F49E
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=7598e0e3-e892-4202-8c3b-57923fe2e33a&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=391466&publisherId=162645330&rId=5fe5d6c5-9d64-46c2...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a44b982c39e34a468377044154030fcb&SNR=1&GV=2&med=10

0
545 B

129ms
128ms

Image
text/plain

2a02:26f0:f500:6::216:5bd6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a44b982c39e34a468377044154030fcb&SNR=1&GV=2&med=10
Requested by: Host: 3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com
URL: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2a02:26f0:f500:6::216:5bd6 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 115E6174511F44F28769F7586BCA4D37 Ref B: FRA31EDGE0717 Ref C: 2024-03-25T09:02:35Z
x-cdn-traceid: 0.96521302.1711357355.706fa68
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 25 Mar 2024 09:02:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DC8DE2D1357A4656ADE0DBA22C172F33 Ref B: DUS30EDGE0306 Ref C: 2024-03-25T09:02:35Z
x-cdn-traceid: 0.96521302.1711357355.706f8e0
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=a44b982c39e34a468377044154030fcb&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 th
www.bing.com/ Frame F49E 17 KB
18 KB 299ms
103ms Image
image/jpeg 2a02:26f0:f500:6::216:5bd6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7559336162660_15GJ8XDYX0LNU3OM0D&pid=21.2&c=3&w=300&h=157&qlt=90
Requested by: Host: 3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com
URL: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f500:6::216:5bd6 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20f1407038acffdcd2daf6e2cb942c4095bda73ec586d85a1d5b499269bfcb81

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:35 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.96521302.1711357355.706f8df
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 17770
alt-svc: h3=":443"; ma=93600

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E993 52 KB
17 KB 162ms
30ms Document
text/html 151.101.193.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Requested by: Host: 3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com
URL: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 29974
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Mon, 25 Mar 2024 09:02:35 GMT
ETag: W/"623de86a-cf34"
Expires: Thu, 21 Mar 2024 00:42:53 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 483, 56774
X-Served-By: cache-lga13626-LGA, cache-lcy-eglc8600048-LCY
X-Timer: S1711357356.734472,VS0,VE0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DCD7 42 B
64 B 78ms
77ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvdofWJqqHOQejMr7E31BqlBBVbWxaerQoBgzuAG-hpNPzl3_uYstG8Ut1WsPiwNSvAgRMqLYclj-MH7vVCZwUYVasbLEGVH-JOYpQBWm-66pYJ7urTCzZwGcMe-HAEjGoRa9beLTENJyHIlwgMGa1CwwB6J8J4bg&sig=Cg0ArKJSzNnCEsKa5y4NEAE&id=lidar2&mcvt=1061&p=440,436,530,1164&mtos=1061,1061,1061,1061,1061&tos=1061,0,0,0,0&v=20240320&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1696759606&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=729015400&rst=1711357354139&rpt=405&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 vevent
fra1-ib.adnxs.com/ Frame F49E 0
1022 B 117ms
116ms Ping
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwheregoes.com%2F&e=wqT_3QLkC_BM5AUAAAMA1gAFAQiq-4SwBhDC1-6k4efDlksYh6HD7Yzw7ttaKjYJHR7sMA3qxD8Rz0_gVFnewz8ZAAAAQOF6xD8hz0_gVFnewz8pHR4JJAAxCRuwhD8w44L0CDjKQUC1XkjjA1C6iYq2AViY1VJgAGiR92t4AIABAYoBA1VTRJIBAQb0EwKYAawCoAH6AagBAbABALgBAsABBcgBAtABANgBAOABAOoBrARodHRwcyUzQSUyRiUyRnBhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tJTJGcGNzJTJGY2xpY2slMjUzRnhhaSUyNTNEQUtBT2pzdWh5Sy1YTzF5a2JBcFIzSnAya2pCU2EzejBTcWNKZ083eVhmUVU3Y3I0bHN3WkFsT0JnU1p6MTBGT2ViSkJEQktUU1ZtbmdqV1ZPSWdoaTgwSm1fWTNJaWx1T3dnanR5TTJoRDViSmJOd1hYWkR5NVU0RjJEMzhxU2RIellaOG1WQzlFM1k2eGhLZWpnVHZQSDRuTGNnRzQxM05KOWFfODVfUzZXNUhPMFVSbW1uQmhUTG90eE1CTEJqTXQ3dTUtdUtzbzE2U19KUW0yd0VfVlpIREZXMTR4ZjItazN3a2taMlFnZl9SN2p4dnlLbm1sT2RyM3FUeXdxdnB0N200RDlKRjgyQUFCWFo2Z1FBNm5WMmo3TTc2SEs4R2VYamd1bnN5ODQ5eDk3MGJ0RlJwNWFMSGk1U0pmWExlLVBoOUc2Q3oxWHdfQWVpNkhZRGV1cTVDQV9mdk5TWUpCY2p1VFJXdlNpckZZZnhmMGN4TGctWCUyNTI2c2lnJTI1M0RDZzBBcktKU3pFRUdZVkJJOFZXc0VBRSUyNTI2ZmJzX2FlaWQlIa5AJTI1MjU1Qmd3X2Zic2FlaWQJEQUYHDZ1cmxmaXglASgAMQEYFDZhZHVybAUQOPABANgCAOACn_A_6gIWaEE6mDovL3doZXJlZ29lcy5jb20vgAMAiAMBkAMAmAMZoAMBqgOrAwrBAhUsGHd3LmJpbmcFK_B5YXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9NWZlNWQ2YzUtOWQ2NC00NmMyLTllMmMtYWI4MzIwNDE5MmZiJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjMmb0FkVW4ZXBhwdWJsaXNoBSksMTYyNjQ1MzMwJnJJmnEAuHJ0eXBlPW51cmwmdGFnSWQ9MTg2NzgxMTUmdHJhZmZpY0dyb3VwPWtuYXFlXzNjERYIU3ViCRkUenpmJTNBER_wQ192Y3FyaXZwciZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzU0MTcwMDI2ODYxMDQ3MTAwODIiCTM4MTg0NjcxNCoEIV7w3jo4VTJWaGNtTm9RV1FqTnprNU1qQTRPREkzTWpVMk1qRWpNak16TVRjeU1EVTJOVFV4TURVME1RPT3AA9gEyAMA2APF1PIB4AMA6AMA-AMBgAQAkgQEL3R0apgEAKIEDjE5NC43NC4yMTIuMTIwqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBLqJirYBiAUBmAUAoAXjz6q9prT7lVvABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXw1F76BQQIABAAkAYAmAYAuAYAwQYFIjAA8D_QBsKNBNoGFgoQCRIZAQGLXOAGAfIGAggAgAcBiAcAoAcByAcA0gcNCREmASQM2gcGCAUJuOAHAOoHAggA8AeAqRCKCAIQAJUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=7febe349232d2d65fe17f29d1f2a0b12ed33e0f7&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=300&bh=157&sid=6357542531340170263&vd=ct~0|rr~0&sv=243&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=18678115&sw=1600&sh=1200&pw=300&ph=410&ww=300&wh=250&ft=3

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/243/trk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:35 GMT
an-x-request-uuid: 532607bb-859b-4a29-969d-1b314427fb6a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 194.74.212.120; 194.74.212.120; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F49E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ea0cdc5140e4e11b7b2fec33f69d757454e2f644b5ca252f466f138f55b23e1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 async_usersync Show response
ib.adnxs.com/ Frame E993 0
921 B 45ms
45ms Script
text/html 37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8394&pub_id=1070141&gdpr=0

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:35 GMT
an-x-request-uuid: c5a13c4d-65c9-46b8-b2af-01dfd0897087
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, private
x-proxy-origin: 194.74.212.120; 194.74.212.120; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 220ms
64ms Script
text/javascript 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1711357200000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Mar 2024 09:02:36 GMT

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame F49E 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssdBwyL0q2ZutAtotf5Us5T32bbtXWs24QSyNtb0WWtZbfcyK8Y3ixNPjB0zVeNFTk6LxqEWWitODu2IaW131GaggSDdkmrWVPkS0qGmM-xdchrOgNILFOhrWkd7xWLSx0VWXaT8cOLxJ5BB8dDRI2Il0amSL9b3bndTuW1r_JVMeNuZV5vdW51np7n8wc08xwWaGIpumNzjPRMwU5dm9Ncv590aAyl8SLdjP31ptyQDewg3xAgEM4squ5RGySomcbzbzxCEfnHhuUg6t1EzSiqAZAFZuaVoYIk9lxnv-t0qR4GqevAjFnEReJ7YKpx0rGOS7DFedZilwOVorirbKd3JFwCvZC-_79M7oJ62jpafiENOg1d&sig=Cg0ArKJSzCKrPNPBZxMqEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6C6C 14 KB
6 KB 38ms
36ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wheregoes.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 25 Mar 2024 09:02:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 406192
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.144.js Show response
static.criteo.net/js/ld/ 96 KB
31 KB 187ms
60ms XHR
text/javascript 2a02:2638:3::3

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.144.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 25 Mar 2024 09:02:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-1811e"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Mar 2024 09:02:36 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6C6C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=wheregoes.com&sn=ChromeSyncframe&so=0&topUrl=wheregoes.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=tMYaSHxoaVpYR21ISlZsK01PQ1dlWXZRRjdMS2tLYy9UQ2kxS2FVcFVqN3pIbnVxU1d1RWNvc3pXU09rMWJia3ZxZktYaExDamF2RnA4UTh5TUNjd05peTlGQUo5YVNMUHgvZkt3RkdMSE9kdXdjc0h6Y1pOOHdkT1c4K2...

427 B
651 B

43ms
36ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=tMYaSHxoaVpYR21ISlZsK01PQ1dlWXZRRjdMS2tLYy9UQ2kxS2FVcFVqN3pIbnVxU1d1RWNvc3pXU09rMWJia3ZxZktYaExDamF2RnA4UTh5TUNjd05peTlGQUo5YVNMUHgvZkt3RkdMSE9kdXdjc0h6Y1pOOHdkT1c4K2w4cG1jRER5VmpmVERyMlZvazg3d2hSVzZRZkdTNVZJb2sxY216YjhsckJyc2dHWmIyWEU5VENnNFFTN3lySmRvV3hYS1JpN2RBK1BzZkJNMHVERndDZ3FyMnlQaktDdlphUWM3emY3THNRSnNyUXE2Y0xHdXlrUDY2cmtxcUdYYWZRSmtVYm1KWTZpd0J3cmZUMFRzYU5UWWtLeUpXSnZlR0szVHdOdFpkUzUvNWh6MGdEST18&cppv=2

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3b79085c599b6f6d8245a2394dba5bdd3e8d22176ecf75e95fc8248615d7b158

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:35 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1286310
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 25 Mar 2024 09:02:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=tMYaSHxoaVpYR21ISlZsK01PQ1dlWXZRRjdMS2tLYy9UQ2kxS2FVcFVqN3pIbnVxU1d1RWNvc3pXU09rMWJia3ZxZktYaExDamF2RnA4UTh5TUNjd05peTlGQUo5YVNMUHgvZkt3RkdMSE9kdXdjc0h6Y1pOOHdkT1c4K2w4cG1jRER5VmpmVERyMlZvazg3d2hSVzZRZkdTNVZJb2sxY216YjhsckJyc2dHWmIyWEU5VENnNFFTN3lySmRvV3hYS1JpN2RBK1BzZkJNMHVERndDZ3FyMnlQaktDdlphUWM3emY3THNRSnNyUXE2Y0xHdXlrUDY2cmtxcUdYYWZRSmtVYm1KWTZpd0J3cmZUMFRzYU5UWWtLeUpXSnZlR0szVHdOdFpkUzUvNWh6MGdEST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 280113
content-length: 0
expires: 0

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
prebid.media.net/	1970-01-20 23:41:49	Name: receive-cookie-deprecation Value: 1
.rubiconproject.com/	1970-01-21 04:08:13	Name: khaos Value: LU6PZD7P-2-EO28
.rubiconproject.com/	1970-01-21 04:08:13	Name: audit Value: 1\|naVuGyos1qq5bz8C1tfwgoU28RLvi57Qg4YPg3oJAz/5w/0Bm/0eERPAvrRhUdIquVM0bP5nQ80zgHlbzd1OQIn0kEOGVL/NzxTqj0kKQGgijy0RC4Zd8RuybVyVU0yt
.adnxs.com/	1970-01-20 21:32:13	Name: XANDR_PANID Value: QqDRtUw07UugLVhvQ7JYtySTEpBI7YRRoi4_aDFD2OOiZgMIibxU7MCPstwyNXsbw0C4B2-tookTCaY6WQhIW3MDkN1txLrhNAfMYGIEFUo.
.adnxs.com/	1970-01-21 04:58:37	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 21:32:13	Name: uuid2 Value: 6536899546032689287
.wheregoes.com/	1970-01-20 23:41:49	Name: __eoi Value: ID=f19912bab3743bce:T=1711357354:RT=1711357354:S=AA-AfjbHUmt_qssdp5VycRfzDJG4
.adnxs.com/	1970-01-20 21:32:13	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E?bBR_+3!@wnf-Te9(>wL5L!!'k)$vh5]
.adnxs.com/	1970-01-20 21:32:13	Name: icu Value: ChgIvahBEAoYAiACKAIwqvuEsAY4AkACSAIQqvuEsAYYAQ..
.bing.com/	1970-01-21 04:44:13	Name: MUID Value: 259BF4F80776648808C8E0B506B66530

40 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://wheregoes.com/trace/20241611753/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3f99926fa2d6eea4fba4b0f0f461da4c.safeframe.googlesyndication.com
acdn.adnxs.com
ads.servenobid.com
adsdk.microsoft.com
ap.lijit.com
api.fouanalytics.com
bidder.criteo.com
cdn.adnxs.com
cdn4.buysellads.net
fastlane.rubiconproject.com
fra1-ib.adnxs.com
gum.criteo.com
hb-api.omnitagjs.com
ib.adnxs.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
prebid.media.net
secure.adnxs.com
securepubads.g.doubleclick.net
srv.buysellads.com
static.criteo.net
tpc.googlesyndication.com
wheregoes.com
www.bing.com
151.101.1.108
151.101.193.108
161.35.94.134
161.35.94.167
178.250.1.8
185.255.84.150
2602:803:c003:200::21
2606:4700:3035::ac43:b70e
2606:4700:3037::6815:5f57
2620:1ec:46::43
2a00:1450:4001:802::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a02:2638:3::3
2a02:2638:3::c
2a02:26f0:f500:6::216:5bd6
34.120.63.153
37.252.171.21
51.38.120.206
54.194.237.178
54.73.171.109
00d6b67ca0e170d4a9ad7e0d1d92f9d7a0d06dd0fa9532992dc85f12fe774977
0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0e27058b12e0720b0b8a20d22415ed984424dd236264799aea05f269f7f5374c
19cb0e347a14c911e581de87f199aafa3df122891112ebb24da4ed023250fd32
19f4129c1cfc1a9fcb2e94b35853f3d2085c0807564e37971d1ccb6ef2a7e852
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
1d20c481e50170ca79ba8d1e25956a4dd11088bdd7ccd13cdd0b45f96b20c535
1fe53cf7f03d12af875315353f6ab8df7a936fa9e26cbe0c5e2f1dc7269652b8
20f1407038acffdcd2daf6e2cb942c4095bda73ec586d85a1d5b499269bfcb81
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3374acf83f6a0790d6479117960a5dcdaf14ea4e199998dbc7c6f50f88cc53c6
3a2ee1027a493413ff804d1bc3887dd6ca9d91949f08161f7ac61896ec1282d3
3b79085c599b6f6d8245a2394dba5bdd3e8d22176ecf75e95fc8248615d7b158
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
41a436d1adf50649e0f3488bdf298b4db082fc399ce9fbac467de812e595ddba
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
477d3a706126edd285c4364d609e84d08952047584058a6f024f7409da13067e
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
6ac3b3e0ab1c3161a042fa0f430a857d9e51e5e7833855a4a7843c33fea5f50b
6cedb5bf9633e423128fc5d84aed80519171142c2271c156e503a216b8b98a3c
6e357b224727d944d9a54c98d2afe8c4c0b0bc05474087c9616a3da4f4ea9ba8
6ea0cdc5140e4e11b7b2fec33f69d757454e2f644b5ca252f466f138f55b23e1
705197fe8f4d04fb5aeb1c14c6f6a77f54f850815a0945f70e396d38e0bb4c4a
7ae93fccdf26b44bd25485924166ff1b2589817d5c0bc1398e75a2a1f32a54d4
822564c212b718dbe6e0f440dbf5c28d81763404fe74b1716625bef915d9ec3f
82da873956888d3a0a1db331a301c9b95de6937c0acf64c33a2c9fc711b7fb54
8d08b67c252083a37cb7295ba5796d73c6e205c7aabe133d9cb604b73ea5985c
97dec39d6a32478d9c201a0de1eb3c48ff2e972dcf599553df2b2ea609fbc0dd
9d2ccdcea4bb26f693015f34e4ce2627f9b730007b330b9bbb9f50aab1491cb8
a80ebeed7992416416468212d7ca0356ae148e0bd5111e0bcec29f0f1ca6f7c3
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
ace147b15952e57d7696b7c0acc2a11bc405c9c25cc836978e1ac1f4616751cf
b4987ec68837273fe612c09892841f5011f57d542e12b1567db12e18e5e214ed
b55e1adb134099fbed1d6ac7b531b0d73c3f623d007ef0cfb8b0fc1393d8f2c3
be0cd36c7aae81d58d929850be4471dcfdae950c9c90f99f1b43e5ed38f82dda
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce2fd09250835389e5dda057cd51744d3d0fba0c33f0bf309552a5038281e11c
d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2
d702e5ed1e573918d912775ac1e88987fc177aa51efe1253a08f71ab54f96516
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea45ccca8c7a09a2f27c8fbb250e7a3aecdd4977d68b8864a50931ce653d5143
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbeab1f0e0d16ab6ad4b762b0ea2f43a9c01795def4573b6d1a772bd91e28acf
fc7ef9dd5e7a9e9f3563b72bc8e179e6ac2adb351549915694f663b5dc09c619
fcd9b875c8827686cfac4d2575dae43ecabef2a3663069fd01c9325c66734488
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876

wheregoes.com Open in urlscan Pro 2606:4700:3035::ac43:b70e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

73 Requests

96 %HTTPS

50 %IPv6

17 Domains

25 Subdomains

23 IPs

5 Countries

1183 kBTransfer

3202 kBSize

10 Cookies

1 Outgoing links

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wheregoes.com Open in urlscan Pro
2606:4700:3035::ac43:b70e Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

96 %
HTTPS

50 %
IPv6

17
Domains

25
Subdomains

23
IPs

5
Countries

1183 kB
Transfer

3202 kB
Size

10
Cookies

73 HTTP transactions
4 data transactions