URL: https://wheregoes.com/trace/20244243105/
Submission: On August 07 via manual from ID — Scanned from CA

Summary

This website contacted 21 IPs in 2 countries across 16 domains to perform 77 HTTP transactions. The main IP is 172.67.183.14, located in United States and belongs to CLOUDFLARENET, US. The main domain is wheregoes.com.
TLS certificate: Issued by WE1 on June 11th 2024. Valid for: 3 months.
This is the only time wheregoes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 23 172.67.183.14 13335 (CLOUDFLAR...)
3 172.67.170.60 13335 (CLOUDFLAR...)
1 24.144.70.77 14061 (DIGITALOC...)
9 172.217.197.156 15169 (GOOGLE)
1 159.203.151.34 14061 (DIGITALOC...)
1 74.119.117.6 19750 (AS-CRITEO)
1 195.244.31.11 63140 (IGUANA-WO...)
1 51.222.39.186 16276 (OVH)
1 23.20.203.238 14618 (AMAZON-AES)
1 68.67.160.24 29990 (ASN-APPNEX)
1 34.120.63.153 396982 (GOOGLE-CL...)
4 2602:803:c002... 26667 (RUBICONPR...)
1 3.23.121.74 16509 (AMAZON-02)
1 64.233.180.155 15169 (GOOGLE)
10 172.253.63.155 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
11 2607:f8b0:400... 15169 (GOOGLE)
1 173.194.66.105 15169 (GOOGLE)
2 2620:100:a00b::4 19750 (AS-CRITEO)
1 2620:100:a00b... 19750 (AS-CRITEO)
77 21
Apex Domain
Subdomains
Transfer
23 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 157
2ddf988e0fea2e051a18f85c9aecf8e9.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 203
367 KB
23 wheregoes.com
wheregoes.com
201 KB
10 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 280
215 KB
4 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 780
3 KB
3 fouanalytics.com
api.fouanalytics.com — Cisco Umbrella Rank: 16495
8 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 992
31 KB
2 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 944
gum.criteo.com — Cisco Umbrella Rank: 553
220 B
1 google.com
www.google.com — Cisco Umbrella Rank: 10
1 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 4278
781 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1534
1 KB
1 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 383
709 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 1228
359 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1081
410 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4612
437 B
1 buysellads.com
srv.buysellads.com — Cisco Umbrella Rank: 34181
652 B
1 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 35871
151 KB
77 16
Domain Requested by
23 wheregoes.com 1 redirects wheregoes.com
11 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
10 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
10 securepubads.g.doubleclick.net cdn4.buysellads.net
securepubads.g.doubleclick.net
wheregoes.com
pagead2.googlesyndication.com
4 fastlane.rubiconproject.com cdn4.buysellads.net
3 api.fouanalytics.com wheregoes.com
api.fouanalytics.com
2 static.criteo.net cdn4.buysellads.net
static.criteo.net
2 2ddf988e0fea2e051a18f85c9aecf8e9.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 gum.criteo.com static.criteo.net
1 www.google.com tpc.googlesyndication.com
1 ads.servenobid.com cdn4.buysellads.net
1 prebid.media.net cdn4.buysellads.net
1 ib.adnxs.com cdn4.buysellads.net
1 ap.lijit.com cdn4.buysellads.net
1 onetag-sys.com cdn4.buysellads.net
1 hb-api.omnitagjs.com cdn4.buysellads.net
1 bidder.criteo.com cdn4.buysellads.net
1 srv.buysellads.com cdn4.buysellads.net
1 cdn4.buysellads.net wheregoes.com
77 19

This site contains links to these domains. Also see Links.

Domain
twitter.com
Subject Issuer Validity Valid
wheregoes.com
WE1
2024-06-11 -
2024-09-09
3 months crt.sh
fouanalytics.com
WE1
2024-06-30 -
2024-09-28
3 months crt.sh
cdn4.buysellads.net
E5
2024-06-07 -
2024-09-05
3 months crt.sh
*.g.doubleclick.net
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.buysellads.com
E5
2024-06-07 -
2024-09-05
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-18 -
2024-09-17
3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2024-07-02 -
2025-08-01
a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-23 -
2025-01-29
a year crt.sh
*.lijit.com
Amazon RSA 2048 M03
2024-02-11 -
2025-03-12
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh
prebid.media.net
WR3
2024-06-13 -
2024-09-11
3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
ads.servenobid.com
Amazon RSA 2048 M02
2023-10-10 -
2024-11-08
a year crt.sh
tpc.googlesyndication.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.google.com
WR2
2024-07-30 -
2024-10-22
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-27 -
2024-09-24
3 months crt.sh

This page contains 11 frames:

Primary Page: https://wheregoes.com/trace/20244243105/
Frame ID: BAD244EE4CE851F82242BFA3F553ADF2
Requests: 46 HTTP requests in this frame

Frame: https://wheregoes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js
Frame ID: 9C696D9118A7BD2C49871E14666DF15C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: D03AF14F2CB2B7345FB4952E51C569D1
Requests: 1 HTTP requests in this frame

Frame: https://2ddf988e0fea2e051a18f85c9aecf8e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B6FB46BA7A8B54A9BCE81C0999B60888
Requests: 1 HTTP requests in this frame

Frame: https://2ddf988e0fea2e051a18f85c9aecf8e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4F78515F8419B50ACA8C83A043D14FD4
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRhanQ9bwbYHG7D-yBxb4U9Tvn2KfIXshntdUqnU1etF2RsM1YFuGqTQffRdV1rAVOaeacumyRrzN9L0eGBmZfvri-XYKWYuCeneuLmatAJkgs81I0R_NevJ63SSafetmPYzPcFzGaUUanfMcOSajBNgp31kmduIwj4lpCeSAfVNGyggqtwY3UHe0wSHMwJRBdyZOBxbxLULU7qvrYzXFwFdOvjo82iZdihcab0b5ufQObVE-iCPjN75bXsJikzv1NwBzhiiQOa4YIOr1269BwnSgEwc1MBVacr18PSmoK7BPfcZvzHMsMkc_0RBMnmTaAX6dlETgYIRlDUPtl9XG_75GkTePdTamyjAJT2g&sai=AMfl-YS_jRrF7guZNk3pYpWmJLRoJEv-Vcg34fjWxA4lqIXss0IsxdzK_3QF9AtiBIHmHiHr2CE7i7SmGB7YBD5bpU87BDxxz3PwkjlbobZXRUNHJ3wKPQQqK0736tgkc9AvJqQBGUHsX1n1quByW0Q6guGo&sig=Cg0ArKJSzPuM7l2gNEI5EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: F449FF694A05F17B4922C73C23A38DA9
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgCUI8_PYZea7gFvgIUxVUQy2TSuFYbHWw1tOSe0HkAMzgvGLHEHndFAPZL0rMx-iOe8w16DrwnvU6OsOB5JjPoYSI4qeYHhBRZHuOzPl1EVNrC2mvNPpUWUngW-v3cXja9v9VZUm1U7YrkZlYhO-L19l7U-wdTTQ3J1R03bJGjcZ9umKP0Acl1LHxieItWkArpxBZ-AZSeUQ_hLhltKhUtC5JjD50PQRQ2pkAGpD7JIbITwown6KL0iItN5lSdCcKvH40gt2glHvHe0d3X_2jAbvpjZx7OjGeecNaINmLLy0seh03EBZ-8T-qrQdu5PNB3EPEJjuZ7lPphYFsErxby_FIyhqEDtjqLBiBH69gGSyW6GvPPBrsrNA&sai=AMfl-YTCdTTWbB67xKTh--0pdkUwhkQkk1JKPNsw3YHRNaG3g-TaaqsXGjjpwn5ZpqgW9arrebF7Zt_ndTTV7TGmmB3r1eLHHj9XSXtuEX9697DYCdrDW72Tm76La83095kLflSqm3sQXQz_aiFPLsZ6Apxq&sig=Cg0ArKJSzOPF5kXotEYaEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 1E37065FEEE5B9F173C77A338023CFDD
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoSsI1FTGZqFEdKqpWNnPaARcbznD3aOIYAfVf1Ry7UfusyZ_QPNUmvUDTQSULMFXUzH6VaAsvmx9dxVgEyPxEcliqo5qP5QtW6FY6TEHhEIR-STKqW2QnZwnFoKaqliD61G2PCpSdI8PYo4KEM0_24hlX7v0pT0iYFeBlEIlNY6vQ_I7tthFYaNhsmhUoHszmD7UVmo0GQWz36hGzWAfKaUWEE_hw-6UJso89f1ZAGNGQLByRFfsvNkPTsSdiQeR9nZn7nRURB2EHFZoKxfvNkMT6btkWDbSClxXjlvJhLOlzJKx-aOBos0Wih_kzMxyhSWp9wBC9WxIS_OC3oPv6-T-CAIPHfq3FcL6VBuOlEXPmlyI&sai=AMfl-YQCOVHH8pDyllPzLzxOGb3t27UL1C_43Su6XbpHR7N7ZRgnKKiSLUy7Hco-CKHi33mpuDzOtTe-C89DcmQ96EthbPvuJl7u3pziGnVNBVO9CcjW4rS8-12DVAteVq6aPDWC7ndREUExRcv0AKJIjnGs&sig=Cg0ArKJSzEHtpwg5ZjciEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 44E3ACB3169A691147608D6ACAF34389
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C421A6C241D561E481A45EB90A620B83
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EA681B752D7F307B7E1F85F134AC98AF
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wheregoes.com
Frame ID: A67F5413D8ACABCCE551315EBEE776C9
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Trace Results | WhereGoes

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <form [^>]*id="mc-embedded-subscribe-form"
  • <form [^>]*name="mc-embedded-subscribe-form"

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

77
Requests

96 %
HTTPS

25 %
IPv6

16
Domains

19
Subdomains

21
IPs

2
Countries

981 kB
Transfer

3092 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://wheregoes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://wheregoes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js

77 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
wheregoes.com/trace/20244243105/
18 KB
6 KB
Document
General
Full URL
https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee65a95165b0703281d429dfe2e32d197e526848d58c1a9b025d00ffcba0767
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8af414fb3a05ac6a-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 07 Aug 2024 03:11:54 GMT
link
<https://wheregoes.com/?p=19>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0jwTALgiClgdL69H4agv4CxixJZsK4rIQzKMVVrMjSZxLPkqU6K%2BS198T1Vy10v5T9sY4aul%2BEfZAzyn%2F2w%2FwhqyMjZXbjdfMIib2y53%2FeYT1sfGegFuXgxft3sBsT%2FG"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
autoptimize_be802b0078378d06db235ae7effbf46b.css
wheregoes.com/c/cache/autoptimize/css/
253 KB
89 KB
Stylesheet
General
Full URL
https://wheregoes.com/c/cache/autoptimize/css/autoptimize_be802b0078378d06db235ae7effbf46b.css
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53f700b326f1414787ea7ae51c995e46e608064aaab2597818d083e2e109870f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
1675789
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jul 2024 14:40:26 GMT
server
cloudflare
etag
W/"6699295a-3f29b"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yz30YF4Vdtwu0RK%2BC7PFBnk%2F0f6DJwMuHiTn9sNMizjex0pKA7wN3MCQErVVOwbV2syNuKEA7lJYgbHD0RYsKDE9JXx%2F1Mhcq%2F6JP6ALc%2FDXKzrwkIcYvDzXsytuX%2F1h"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fc5ac1ac6a-YYZ
expires
Fri, 18 Jul 2025 14:41:49 GMT
jquery.min.js
wheregoes.com/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://wheregoes.com/wp-includes/js/jquery/jquery.min.js?ver=202408070315
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 14 Nov 2023 10:38:21 GMT
server
cloudflare
etag
W/"65534e1d-15601"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=InBxJwalbM6E4rsyZHSbdStid4ERPmVIFqBxn7nF9B2Q5G2woIQrHOTzWQRwtKbl6QdnxHwyZ7lQAJrERwNI9x3IIJFESO7spPqdSuxZ8bfhlmwuZF8Yh5xnd9MltDRR"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fc5ac2ac6a-YYZ
expires
Thu, 07 Aug 2025 03:00:08 GMT
jquery-migrate.min.js
wheregoes.com/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://wheregoes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=202408070315
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 22 Aug 2023 20:43:51 GMT
server
cloudflare
etag
W/"64e51e07-3509"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8xG3xwb91wHOIaxzyB3PWr%2FFBUqSrzOSYbre961RKQfGbUpunvsTQenAXl7rqCaFuI8S2ru%2F9eik2oncFtRQD5%2FwOnU8%2BjQ3twd5%2BXO2mOoZg4vFSKuS269uXxWgbId9"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fc5ac4ac6a-YYZ
expires
Thu, 07 Aug 2025 03:00:08 GMT
script.js
wheregoes.com/js/
3 KB
2 KB
Script
General
Full URL
https://wheregoes.com/js/script.js
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c022ad0172c4e1509cdbcbd659b3842c0e0cd62cf201c1aa0a7cfd7cacb2b71a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
885
age
12660
x-cache
HIT
cdn-cachedat
08/05/2024 09:23:00
cdn-pullzone
682664
cross-origin-resource-policy
cross-origin
application
10.0.1.5
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 06 Aug 2024 15:13:00 GMT
cdn-proxyver
1.04
cdn-requestpullcode
200
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2go2nSuAXItANUfeTQ7YKIT%2Bgax8JxQ%2Fl6U6IuKwyyEx%2BOIt%2B3hVdTk89D3e4AzHntKwSMCgb9Oa7e9TFan%2B%2BW7Q4lRk1D%2Boo37zi2%2FDG%2FconG6%2FO1nKgcTZ%2FJ8GsuGl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
public, max-age=86400, must-revalidate
permissions-policy
interest-cohort=()
cdn-requestid
611f98fe5908152177b68d6f7d1d2796
cf-ray
8af414fd3b57ac6a-YYZ
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
init-1144pc80p2fur20uadwq.js
api.fouanalytics.com/api/
329 B
773 B
Script
General
Full URL
https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec82c640ce452837c2225de15a253c028466534b37600b5dafc2601685f1892

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 03:11:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CBDcQaVk3%2BoFy%2FypAG8bRvoCoLqPbNH1coS7jM%2FwhYIAAg3FwbhQIl%2FF5KHbCgwNzNAaYFDxBoHuJvcC8X3Sa451U4uLj9qmdT8tNQDettyhbc%2FklGMDZVTZXBHQ1OSbTcnskOKngQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
cf-ray
8af414fda8cc36ad-YYZ
alt-svc
h3=":443"; ma=86400
priority
u=3,i=?0
expires
0
wp-polyfill-inert.min.js
wheregoes.com/wp-includes/js/dist/vendor/
8 KB
3 KB
Script
General
Full URL
https://wheregoes.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=202408070315
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 05 Apr 2023 20:53:50 GMT
server
cloudflare
etag
W/"642ddfde-1feb"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dBjRjdCFRJ6gs93c54m%2F1Ayv3W21hKRn2AeBGqdKHLLroJ%2BMgvVam8OWq%2Fkwxq03%2BVtTG7Ph4v9QCw5MK8PakvcTN8MwBcwXGSvwnvSQjxxDTLf8TBWNVX%2FFGzkCZ1fR"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fc5ac7ac6a-YYZ
expires
Thu, 07 Aug 2025 03:00:08 GMT
regenerator-runtime.min.js
wheregoes.com/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://wheregoes.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=202408070315
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 14 Nov 2023 10:38:21 GMT
server
cloudflare
etag
W/"65534e1d-19e1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sI55cgK6BNISy%2BhQ%2Bzcp8ap9Y%2F%2FXXMpJN5k%2FXXq1%2B1yMYzlGUJdGeDh89GiEChwXmZ8dopyczC5LUB1LhOse2Sd1e4uV8gaHgTYRGepJglZBTrysl82rsqM4e5m3l8qg"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fc5ac8ac6a-YYZ
expires
Thu, 07 Aug 2025 03:00:08 GMT
wp-polyfill.min.js
wheregoes.com/wp-includes/js/dist/vendor/
38 KB
14 KB
Script
General
Full URL
https://wheregoes.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=202408070315
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 13:44:32 GMT
server
cloudflare
etag
W/"66100040-96be"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FFQhPu3VVhkkZ2bj8shtpEXb6v3fXybXl%2FqE1%2F27E1YunMimDfSm%2BBO9WgWIHGDq4uBbbcsB%2FUz%2BlSYN%2Fu115hSqe0GfvzUwyCAkvL7ZkFpj72pPURZqXYne0iv2jt74"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fc5ac9ac6a-YYZ
expires
Thu, 07 Aug 2025 03:00:09 GMT
hooks.min.js
wheregoes.com/wp-includes/js/dist/
4 KB
2 KB
Script
General
Full URL
https://wheregoes.com/wp-includes/js/dist/hooks.min.js?ver=202408070315
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 13:44:32 GMT
server
cloudflare
etag
W/"66100040-10d3"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rz2OkrwNFCNJRE1MIygC19nNQTLESGtFn6ziNAno%2B2PUOSOEKwrjDoz5PHGD0q4zuxUzfkRZLJe33C16vTJB4DYelvbMovG7KbPQ9LxXcXEU2euIjP%2FCdg%2BOu0YSADsj"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fc5acaac6a-YYZ
expires
Thu, 07 Aug 2025 03:00:09 GMT
i18n.min.js
wheregoes.com/wp-includes/js/dist/
9 KB
4 KB
Script
General
Full URL
https://wheregoes.com/wp-includes/js/dist/i18n.min.js?ver=202408070315
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 13:44:32 GMT
server
cloudflare
etag
W/"66100040-23b5"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KHNKnbvSkrCXJs8d59g7om2CJM6IQGdIRQrQNil8tIzlU0VUZgfKzhTTrUGvnoOTPgG7kCHFOaimzFiCt%2FylMm6b9f%2F2025IO%2FdGnrvTdreu2EE8CDgRSvNTjkoe35a5"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fc5acbac6a-YYZ
expires
Thu, 07 Aug 2025 03:00:09 GMT
index.js
wheregoes.com/c/p/contact-form-7/includes/swv/js/
11 KB
4 KB
Script
General
Full URL
https://wheregoes.com/c/p/contact-form-7/includes/swv/js/index.js?ver=202408070315
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jul 2024 14:21:24 GMT
server
cloudflare
etag
W/"66a25f64-2cf9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FvSMopyP4d4l%2Fr1o5mbM1PXBA8YL9w%2FQWLlxdhkg0%2BgZA3sO%2FuINSj6uucqbIddRfF2MxyUg3%2BhXhNUwFGBwk%2BtpI6bxrUda9ZXjIwlB55THVw8rukntx1q5rIa8gkf%2F"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fc5accac6a-YYZ
expires
Thu, 07 Aug 2025 03:00:10 GMT
index.js
wheregoes.com/c/p/contact-form-7/includes/js/
13 KB
5 KB
Script
General
Full URL
https://wheregoes.com/c/p/contact-form-7/includes/js/index.js?ver=202408070315
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
111da58b16b15c6bac6126be92d0a83c8d1dc4139b6361411a744deda5242c66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 25 Jul 2024 14:21:24 GMT
server
cloudflare
etag
W/"66a25f64-346f"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XD0kzqU3geFIxWWQM39xpeMcillC3hw518sovI5LVkR62soKLIV4u2iri1IVqM5rEM276Kta0kebBil3nhjc0y6HlLD87kzHm9BOCIeE89BtoO2grzOQTNnoryjbAWis"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fc5acdac6a-YYZ
expires
Thu, 07 Aug 2025 03:00:10 GMT
main.js
wheregoes.com/c/themes/custom-theme/src/js/
8 KB
3 KB
Script
General
Full URL
https://wheregoes.com/c/themes/custom-theme/src/js/main.js?ver=202408070315
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f053be9c91dd84c0a3b14b168ed75173531e8175b1315beb67681a97b359abd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Jun 2022 19:03:29 GMT
server
cloudflare
etag
W/"62ab7e81-20a1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P9lVF2SNqc0BBAJjEOmkeL%2Fw8yCm1qwYG1zTR342O5VMN%2BHHGIxaza%2F7WSNqvdX3ni0okpbad%2FOq4uDP%2BRLOoFvQkxMltCO4tY0pulrRfTzRjo6wt0xY%2BT7%2BdPYW2rQ%2F"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fc5aceac6a-YYZ
expires
Thu, 07 Aug 2025 03:00:10 GMT
login.js
wheregoes.com/c/themes/custom-theme/src/js/
4 KB
2 KB
Script
General
Full URL
https://wheregoes.com/c/themes/custom-theme/src/js/login.js?ver=202408070315
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adbf7613efb9d5f9385e42495ec01a5a17690551607263a0d840d08f132f9c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 16 Jun 2022 19:03:29 GMT
server
cloudflare
etag
W/"62ab7e81-1189"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dqIxCb1JsOwn6BMuoyYGEZOMp4NQeePyPkDJItU4lORcWc0rbVSiSq0tFqsf4l0KcGbSq17X53mofF%2BeE1r9xI11zMiypp8%2Fu7MDSyslaBh7a54c22uJsTmrW8wIBo8h"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fc5ad0ac6a-YYZ
expires
Thu, 07 Aug 2025 03:00:10 GMT
ads.js
wheregoes.com/c/themes/custom-theme/src/js/
2 KB
1 KB
Script
General
Full URL
https://wheregoes.com/c/themes/custom-theme/src/js/ads.js?ver=202408070315
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d6120670efc8d0e341da81feee0298095402654414f1e93fad0683da438622d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
527
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 18 Jul 2024 14:41:10 GMT
server
cloudflare
etag
W/"66992986-6a4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DYUq4EkZuPQpUILaEnFOkfluN8SPeBC0i1arTQhzESwd8P99e2xyBfPdWxf3XAefXeE9WljCoggI34p%2FvcQNqpUTOLJowBgKhnTLTNe6PYgrFS6DtjyO5QRKyliYF06b"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fc5ad1ac6a-YYZ
expires
Thu, 07 Aug 2025 03:00:11 GMT
wheregoes.js
cdn4.buysellads.net/pub/
546 KB
151 KB
Script
General
Full URL
https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
24.144.70.77 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
srv-sfo3-2 /
Resource Hash
6e0e832bf066053ed491066593d0e34543bb96da6ec4b727db520585d2451257

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
cache-control
public, max-age=3600, stale-while-revalidate
content-encoding
gzip
server
srv-sfo3-2
etag
b0ed9ee7f4cdea53c197925a024d9033a7eae4ee
vary
Accept-Encoding
content-type
application/javascript
0f1d46c2-b59b-4470-b09a-89bebd4b7380
https://wheregoes.com/
1 KB
0
Other
General
Full URL
blob:https://wheregoes.com/0f1d46c2-b59b-4470-b09a-89bebd4b7380
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
logo-h-blue.svg
wheregoes.com/c/themes/custom-theme/img/
15 KB
6 KB
Image
General
Full URL
https://wheregoes.com/c/themes/custom-theme/img/logo-h-blue.svg
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_be802b0078378d06db235ae7effbf46b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/c/cache/autoptimize/css/autoptimize_be802b0078378d06db235ae7effbf46b.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
1675795
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 26 Jun 2024 18:56:21 GMT
server
cloudflare
etag
W/"667c6455-3afa"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2FfKv85EWYmV3Y45lzar2dN4trY9Rlak4u4L44lSheiwLtblkeXYN0ijtencH5NMRGVLxYLfTiHv6RFxm6tD0k6SdmibDQ%2F8DMrRAlsTHMf6ZvG%2BCRpyUZMaap7n3uZW"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fd4b66ac6a-YYZ
expires
Fri, 18 Jul 2025 14:41:44 GMT
wheregoes.woff2
wheregoes.com/c/themes/custom-theme/fonts/
8 KB
8 KB
Font
General
Full URL
https://wheregoes.com/c/themes/custom-theme/fonts/wheregoes.woff2?90359859
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_be802b0078378d06db235ae7effbf46b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b

Request headers

Referer
https://wheregoes.com/c/cache/autoptimize/css/autoptimize_be802b0078378d06db235ae7effbf46b.css
Origin
https://wheregoes.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1675794
alt-svc
h3=":443"; ma=86400
content-length
8024
last-modified
Fri, 18 Jun 2021 18:52:37 GMT
server
cloudflare
etag
"60cceb75-1f58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OiRGE3jYS%2FVvPIqtgaBvNOw0uva2cdSlhnLagj%2BgLDSQgeExapNNkvuhDtz0MJLsFG8kSCKzvZ6ROXPiQhKkXuN8eI24z8dx7KBOWBCkW%2B4m%2F8%2Fu5Ls6KvWnho6acMir"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
8af414fd6b7aac6a-YYZ
expires
Fri, 18 Jul 2025 14:41:44 GMT
event
wheregoes.com/api/
2 B
770 B
XHR
General
Full URL
https://wheregoes.com/api/event
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/js/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
885
cdn-cachedat
08/07/2024 03:11:54
cdn-pullzone
682664
application
127.0.0.1
alt-svc
h3=":443"; ma=86400
content-length
2
x-request-id
F-lTqEI2rWtWKZwRPkmL
cdn-proxyver
1.04
cdn-requestpullcode
202
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jUeTMCvBoTMRsIQn7b6ij04exhVFITae0jbAY1l%2Fg8Z51XCCRRmqaCTD4OxD%2B%2FnGDeU%2BO9nTTWkgm5poW5enkAT3uqJJAC7xr6oNJoJLVnjsrdbA1CGYIsN9ESJQ9tAz"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
must-revalidate, max-age=0, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
x-plausible-dropped
1
cdn-requestid
933f8ceb0290c78fd29d0577c1ba662c
cf-ray
8af414fd9b93ac6a-YYZ
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
main.js
wheregoes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/ Frame 9C69
Redirect Chain
  • https://wheregoes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://wheregoes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
8 KB
4 KB
Script
General
Full URL
https://wheregoes.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56a65ab2a60e4c053c63dc08aa9034f983c0bd48bd1bea06cf8f0e1fc208aae
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8p%2FuYNh3FpB4capnDG8g9JcT0pesdJDgBMpdPXtDObhh59upc5oWkhiswIDp%2FUAt5JYBJ7uLdjQmeKC4sQFRd9xdKAAR5Lvomj1NchUygOnVi6HK2WDO2CbSBaK2dquC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8af414fdcbb0ac6a-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 07 Aug 2024 03:11:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cu%2BidsD5V8qq1mVvbMUos6Qm4B%2B6uNA%2FPjxlI7ZSGxy2KzuoMleNsorfgWXgNMhnoMxBBex6ZDw5HK0gjYYAdV3JQyuKkUwK6EnhUNtbIlvdPhYNNV0G3lIpBza4L007"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/8c81cb09042c/main.js?
access-control-allow-origin
*
cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
cf-ray
8af414fd9b94ac6a-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
wp-emoji-release.min.js
wheregoes.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://wheregoes.com/wp-includes/js/wp-emoji-release.min.js?ver=202408070315
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 05 Apr 2024 13:44:32 GMT
server
cloudflare
etag
W/"66100040-4926"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A2qNzThfqg5fue5xqTZEOpzlOz3uRsszP1K8uWluMZX7q8aNgGUJ4XRQ1OWjad5uK4tjaylFYlHGpsCQ5yPqOcW%2B7oqJdv3gPxcyd%2FadvbHaAnP3vCm89rAtUYiOxeEM"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af414fdbba3ac6a-YYZ
expires
Thu, 07 Aug 2025 03:00:11 GMT
8af414fb3a05ac6a
wheregoes.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 9C69
0
671 B
XHR
General
Full URL
https://wheregoes.com/cdn-cgi/challenge-platform/h/b/jsd/r/8af414fb3a05ac6a
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hmyvv5bRStwI8aRiK4F1b4P0XbLKst3wPNCh32MUE8Xf1HLxkG6kXg5xGla5v3XkzBHIyXKTbE7UEPcCkMaXYax9%2FjlSDnaY6vmeW5ulcQ6j9kxMnT0JPLxCdJ3u3TEL"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
8af414feac36ac6a-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
x.js
api.fouanalytics.com/s/
16 KB
7 KB
Script
General
Full URL
https://api.fouanalytics.com/s/x.js
Requested by
Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
867bb6f3c1fc6ff61e1ff5f8533be17b91de0d69e262283dcc7a2cbce396abe6

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
24711
etag
W/"66b12932-3eb2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rv%2BprMmLXd7vp3sLIjtO6AqWwvYR84vxmuYCtRSTSDc%2B7LKIVreuior2PlA%2FAA5tEVZKXWv96TcXTTgZxpG1OsxujWS4g7GctjSNy2eSACP22PYgQ0Sv8PK89FXEXaLDWga0ar4fGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=86400
cf-ray
8af414fea9a636ad-YYZ
alt-svc
h3=":443"; ma=86400
priority
u=3,i=?0
x
api.fouanalytics.com/api/
0
403 B
Ping
General
Full URL
https://api.fouanalytics.com/api/x
Requested by
Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/x.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.170.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 07 Aug 2024 03:11:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-allow-methods
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y1DKYMIP5gwfTMqkWZCaJzCTTabmZXOmTrec%2FwwsL%2BuPhzBkVeo9JAaU4ZZ4OlCYlwqYKst7Zld7Bedo%2FfB0B3eB8sHx7MXqFzxekqXyCPYA9WbJytIG6KlPJ6Dy5l%2F4VNeAYLiyTA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
8af415006ae536ad-YYZ
alt-svc
h3=":443"; ma=86400
priority
u=4,i
gpt.js
securepubads.g.doubleclick.net/tag/js/
99 KB
31 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f156.1e100.net
Software
cafe /
Resource Hash
b3ed1c95a2cfc56dc479e3f8dd47419e0b32a9eb747bb241e8520d690b0e0193
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31738
x-xss-protection
0
server
cafe
etag
778 / 19942 / m202407310101 / config-hash: 6149763733754485172
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 07 Aug 2024 03:11:55 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/
473 KB
148 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f156.1e100.net
Software
cafe /
Resource Hash
16c97b6c26473d70b044e56a04aaa08a40cbf07d644e8bea637f41d3e4acbc7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 06 Aug 2024 11:53:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
55108
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151011
x-xss-protection
0
server
cafe
etag
11172422436733227893
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 06 Aug 2025 11:53:27 GMT
CEAIT5QE.json
srv.buysellads.com/ads/
1 KB
652 B
Fetch
General
Full URL
https://srv.buysellads.com/ads/CEAIT5QE.json?forcebanner=548530&ignoretargeting=yes
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.203.151.34 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
srv-nyc3-0 /
Resource Hash
f59e04af2a3d82f0795b25ce4f979181a47feee11da7b401201861e418c8de10

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:55 GMT
content-encoding
br
server
srv-nyc3-0
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
*
content-length
523
cdb
bidder.criteo.com/
0
220 B
Fetch
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.41.0&cb=95820279775&lsavail=1
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.117.6 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 07 Aug 2024 03:11:54 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
observe-browsing-topics
?1
vary
Origin
access-control-allow-origin
https://wheregoes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
v1
hb-api.omnitagjs.com/hb-api/prebid/
0
437 B
Fetch
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F&PageUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F&PageReferrer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 07 Aug 2024 03:11:55 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
3
content-length
0
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wheregoes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid-request
onetag-sys.com/
15 B
410 B
Fetch
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://wheregoes.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
bid
ap.lijit.com/rtb/
24 B
359 B
Fetch
General
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.41.0
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.20.203.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-203-238.compute-1.amazonaws.com
Software
/
Resource Hash
41525043adc1181543f91e383888cd6817ac06de303c64c069d88ab6bfc3364c

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 07 Aug 2024 03:11:55 GMT
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT
content-type
application/json
access-control-allow-origin
https://wheregoes.com
access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
content-length
24
prebid
ib.adnxs.com/ut/v3/
19 B
709 B
Fetch
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.24 Colonia, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 03:11:55 GMT
an-x-request-uuid
f22e1bad-81cd-425e-950c-837d620cdfdd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://wheregoes.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
167.114.209.103; 167.114.209.103; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
prebid.media.net/rtb/
2 KB
1 KB
Fetch
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
c2560383c7e6dec34f500615b6a100a14525e8eff0e878fdc6c2e0c7733e1dee

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 03:11:55 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://wheregoes.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
551
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 07 Aug 2024 03:11:55 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
433 B
774 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=2&alt_size_ids=55&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&tk_flint=pbjs_lite_v8.41.0&l_pb_bid_id=48a1d33bc070846&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&m_ch_mobile=%3F0&slots=1&rand=0.9112065482260125
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0f655a39b5c51669399f196e9146d221699ce8756a7beff5c12871e08c8776aa

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 03:11:55 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wheregoes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
433
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
411 B
925 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&tk_flint=pbjs_lite_v8.41.0&l_pb_bid_id=497e6bc6e3e1ffe&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&m_ch_mobile=%3F0&slots=1&rand=0.5179561355910045
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5ee36c237d181f8357ffc4dfecc8cf7f417c4680477e67efe19ca54add16ae18

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 03:11:55 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wheregoes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
411
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
443 B
787 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&alt_size_ids=2%2C16&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Leaderboard_InContent_BTF_ROS%23bsa-zone_1641318314037-7_123456&tk_flint=pbjs_lite_v8.41.0&l_pb_bid_id=502b75afe99a7a1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Leaderboard_InContent_BTF_ROS%23bsa-zone_1641318314037-7_123456&m_ch_mobile=%3F0&slots=1&rand=0.9008327178905746
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9bd60e98f5c571e18cfcc0b6cb9b665409c5c9dbe2da1f2380c304455c1685e0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 03:11:55 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wheregoes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
443
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
442 B
783 B
Fetch
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F&tg_i.domain=wheregoes.com&tg_i.page=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&tk_flint=pbjs_lite_v8.41.0&l_pb_bid_id=51e0a3576b7a29c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&m_ch_mobile=%3F0&slots=1&rand=0.09947436836076773
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::32 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d406835a89314a2f5e65ace91b7f4404fd1d08cd1a7e0ea6e96b765d29c318b9

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 03:11:55 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://wheregoes.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
442
expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/
946 B
781 B
Fetch
General
Full URL
https://ads.servenobid.com/adreq?cb=10281
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.121.74 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-121-74.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
52447a87b6ab5b33a130d4565dd8a0115f4a463036d6b9d76f178743ac9a8626

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
content-type
text/plain

Response headers

date
Wed, 07 Aug 2024 03:11:55 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://wheregoes.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame D03A
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
64.233.180.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
on-in-f155.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1702
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
28915
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Aug 2024 02:43:33 GMT
expires
Wed, 07 Aug 2024 03:33:33 GMT
last-modified
Mon, 05 Aug 2024 19:44:26 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
favicon.svg
wheregoes.com/c/themes/custom-theme/img/
1 KB
1 KB
Other
General
Full URL
https://wheregoes.com/c/themes/custom-theme/img/favicon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.183.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a218f71ca19363f32708623720794ed5c4eb6fabf5a2944ea6f44f99a782def6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/trace/20244243105/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
age
1675795
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 26 Jun 2024 18:56:21 GMT
server
cloudflare
etag
W/"667c6455-43d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJ8kZ1akFZDblthEreVIOLd8mq7cvH0LffaX7JmeqN1G4N2MREfSZwlnXEUkqzWUZkBCgMAvZxelUpaGd1Vj1oFM%2FwBohfvW%2F5P7PmzIZNvXyvG%2Bp8dckoHUK%2F2DtWPK"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31536000
cf-ray
8af41504689eac6a-YYZ
expires
Fri, 18 Jul 2025 14:41:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202407310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
f343c88e656bb9de90e19296354287c83e204ccf885209f0e202a12ea3444981
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12807
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
240 KB
36 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2023255159740974&correlator=3753869001272557&eid=44809527%2C31085739%2C31084183%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202407310101&ptt=17&impl=fifs&iu_parts=8691100%2CWheregoes_S2S_Leaderboard_ATF_ROS%2CWheregoes_S2S_Sidebar_ROS_Pos1%2CWheregoes_S2S_Leaderboard_InContent_BTF_ROS%2CWheregoes_S2S_Sticky_Sidebar_ROS_Pos2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x90%2C300x250%2C320x50%7C728x90%7C300x250%7C336x280%2C300x250%7C120x600%7C160x600%7C300x600&fluid=0%2C0%2Cheight%2C0&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1723000316111&lmt=1723000316&adxs=436%2C1091%2C276%2C1091&adys=440%2C666%2C1127%2C1070&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-420&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F&vis=1&psz=960x267%7C300x952%7C862x1020%7C300x952&msz=960x90%7C300x250%7C862x250%7C300x600&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&topics=1&tps=1&htps=10&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1723000314281&idt=1066&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1641228026595-4_123456%26optimize_imp_id%3D1723000316095-3f11b252%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1641228120494-5_123456%26optimize_imp_id%3D1723000316096-4b17bf52%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1641318314037-7_123456%26optimize_imp_id%3D1723000316096-b0ecbd80%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1641318529900-6_123456%26optimize_imp_id%3D1723000316096-1fda9a4a%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&cust_params=optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dwheregoes%26optimize_xp%3Da%26optimize_refreshed%3Dfalse%26optimize_pathname%3D%252Ftrace%252F20244243105%252F%26optimize_pv_id%3D1723000316094-4b16056e&adks=1696759606%2C2861055222%2C3878002045%2C3809685794&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f156.1e100.net
Software
cafe /
Resource Hash
dcd2a41f652812774ecde5c7091a5a2321fe8467de81fc0db0674c5146d54eff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37301
x-xss-protection
0
google-lineitem-id
5320060794,5324395187,5324395187,5324395187
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138305848111,138305885717,138305885909,138305874978
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://wheregoes.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2ddf988e0fea2e051a18f85c9aecf8e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B6FB
0
0
Document
General
Full URL
https://2ddf988e0fea2e051a18f85c9aecf8e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Aug 2024 03:11:56 GMT
expires
Wed, 07 Aug 2024 03:11:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 07 Aug 2024 03:11:56 GMT
container.html
2ddf988e0fea2e051a18f85c9aecf8e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4F78
0
0
Document
General
Full URL
https://2ddf988e0fea2e051a18f85c9aecf8e9.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 07 Aug 2024 03:11:56 GMT
expires
Wed, 07 Aug 2024 03:11:56 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame F449
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRhanQ9bwbYHG7D-yBxb4U9Tvn2KfIXshntdUqnU1etF2RsM1YFuGqTQffRdV1rAVOaeacumyRrzN9L0eGBmZfvri-XYKWYuCeneuLmatAJkgs81I0R_NevJ63SSafetmPYzPcFzGaUUanfMcOSajBNgp31kmduIwj4lpCeSAfVNGyggqtwY3UHe0wSHMwJRBdyZOBxbxLULU7qvrYzXFwFdOvjo82iZdihcab0b5ufQObVE-iCPjN75bXsJikzv1NwBzhiiQOa4YIOr1269BwnSgEwc1MBVacr18PSmoK7BPfcZvzHMsMkc_0RBMnmTaAX6dlETgYIRlDUPtl9XG_75GkTePdTamyjAJT2g&sai=AMfl-YS_jRrF7guZNk3pYpWmJLRoJEv-Vcg34fjWxA4lqIXss0IsxdzK_3QF9AtiBIHmHiHr2CE7i7SmGB7YBD5bpU87BDxxz3PwkjlbobZXRUNHJ3wKPQQqK0736tgkc9AvJqQBGUHsX1n1quByW0Q6guGo&sig=Cg0ArKJSzPuM7l2gNEI5EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 07 Aug 2024 03:11:56 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240805/r20110914/ Frame F449
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240805/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f88c1da986c6222e070edfef4cbb51b88e16bfcd9dd099f37b6839bccd75b6c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9141
x-xss-protection
0
server
cafe
etag
1548005776607054986
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Aug 2024 03:08:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240805/r20110914/client/ Frame F449
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240805/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 02:33:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Aug 2024 02:33:55 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F449
203 KB
63 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 02:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
3499
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64474
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 07 Aug 2024 03:13:37 GMT
9435140927320421974
tpc.googlesyndication.com/simgad/ Frame F449
92 KB
92 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9435140927320421974
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de8279221cec92147e41e962754da2e9667fe862dc94f192566fa7bec3d11f11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Tue, 06 Aug 2024 10:49:56 GMT
x-content-type-options
nosniff
age
58920
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
93765
x-xss-protection
0
last-modified
Tue, 10 Mar 2020 20:30:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Aug 2025 10:49:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1E37
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgCUI8_PYZea7gFvgIUxVUQy2TSuFYbHWw1tOSe0HkAMzgvGLHEHndFAPZL0rMx-iOe8w16DrwnvU6OsOB5JjPoYSI4qeYHhBRZHuOzPl1EVNrC2mvNPpUWUngW-v3cXja9v9VZUm1U7YrkZlYhO-L19l7U-wdTTQ3J1R03bJGjcZ9umKP0Acl1LHxieItWkArpxBZ-AZSeUQ_hLhltKhUtC5JjD50PQRQ2pkAGpD7JIbITwown6KL0iItN5lSdCcKvH40gt2glHvHe0d3X_2jAbvpjZx7OjGeecNaINmLLy0seh03EBZ-8T-qrQdu5PNB3EPEJjuZ7lPphYFsErxby_FIyhqEDtjqLBiBH69gGSyW6GvPPBrsrNA&sai=AMfl-YTCdTTWbB67xKTh--0pdkUwhkQkk1JKPNsw3YHRNaG3g-TaaqsXGjjpwn5ZpqgW9arrebF7Zt_ndTTV7TGmmB3r1eLHHj9XSXtuEX9697DYCdrDW72Tm76La83095kLflSqm3sQXQz_aiFPLsZ6Apxq&sig=Cg0ArKJSzOPF5kXotEYaEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 07 Aug 2024 03:11:56 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240805/r20110914/ Frame 1E37
23 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240805/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f88c1da986c6222e070edfef4cbb51b88e16bfcd9dd099f37b6839bccd75b6c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9141
x-xss-protection
0
server
cafe
etag
1548005776607054986
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Aug 2024 03:08:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240805/r20110914/client/ Frame 1E37
3 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240805/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 02:33:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Aug 2024 02:33:55 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1E37
203 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 02:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
3499
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64474
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 07 Aug 2024 03:13:37 GMT
14411045596044271614
tpc.googlesyndication.com/simgad/ Frame 1E37
94 KB
94 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14411045596044271614
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d08b67c252083a37cb7295ba5796d73c6e205c7aabe133d9cb604b73ea5985c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Tue, 06 Aug 2024 09:31:48 GMT
x-content-type-options
nosniff
age
63608
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96289
x-xss-protection
0
last-modified
Tue, 10 Mar 2020 20:29:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 06 Aug 2025 09:31:48 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 44E3
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvoSsI1FTGZqFEdKqpWNnPaARcbznD3aOIYAfVf1Ry7UfusyZ_QPNUmvUDTQSULMFXUzH6VaAsvmx9dxVgEyPxEcliqo5qP5QtW6FY6TEHhEIR-STKqW2QnZwnFoKaqliD61G2PCpSdI8PYo4KEM0_24hlX7v0pT0iYFeBlEIlNY6vQ_I7tthFYaNhsmhUoHszmD7UVmo0GQWz36hGzWAfKaUWEE_hw-6UJso89f1ZAGNGQLByRFfsvNkPTsSdiQeR9nZn7nRURB2EHFZoKxfvNkMT6btkWDbSClxXjlvJhLOlzJKx-aOBos0Wih_kzMxyhSWp9wBC9WxIS_OC3oPv6-T-CAIPHfq3FcL6VBuOlEXPmlyI&sai=AMfl-YQCOVHH8pDyllPzLzxOGb3t27UL1C_43Su6XbpHR7N7ZRgnKKiSLUy7Hco-CKHi33mpuDzOtTe-C89DcmQ96EthbPvuJl7u3pziGnVNBVO9CcjW4rS8-12DVAteVq6aPDWC7ndREUExRcv0AKJIjnGs&sig=Cg0ArKJSzEHtpwg5ZjciEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: wheregoes.com
URL: https://wheregoes.com/trace/20244243105/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 07 Aug 2024 03:11:56 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240805/r20110914/ Frame 44E3
23 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240805/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f88c1da986c6222e070edfef4cbb51b88e16bfcd9dd099f37b6839bccd75b6c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:08:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
230
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9141
x-xss-protection
0
server
cafe
etag
1548005776607054986
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Aug 2024 03:08:06 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240805/r20110914/client/ Frame 44E3
3 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240805/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 02:33:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2281
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1229
x-xss-protection
0
server
cafe
etag
16544991220582087243
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 21 Aug 2024 02:33:55 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 44E3
203 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 02:13:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
3499
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64474
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 07 Aug 2024 03:13:37 GMT
8501118484541795674
tpc.googlesyndication.com/simgad/ Frame 44E3
88 KB
88 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8501118484541795674
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202407310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4987ec68837273fe612c09892841f5011f57d542e12b1567db12e18e5e214ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

expires
Thu, 07 Aug 2025 03:11:56 GMT
date
Wed, 07 Aug 2024 03:11:56 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90087
x-xss-protection
0
last-modified
Tue, 10 Mar 2020 20:31:43 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame F449
220 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8494303eb0aa1c272fbc596243190122ebeb0366d8ec3996541ff77e9799d1ba

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1E37
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca7ba00037cdf8ba8419648ac50f13bf322daed74a4b3f4f6a7efdcd3f3b4362

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 44E3
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adcd129ba21186e360041fe480f29eb06624bad964a651434309df9224a6ce6

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C421
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
86837
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 06 Aug 2024 03:04:39 GMT
expires
Wed, 06 Aug 2025 03:04:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EA68
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.66.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qo-in-f105.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mGDjkLXeJlZgrQyJnCL3Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-mGDjkLXeJlZgrQyJnCL3Ng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 07 Aug 2024 03:11:56 GMT
expires
Wed, 07 Aug 2024 03:11:56 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame F449
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOJf9f3qPxEIbl3EbTXiHP_uy4r65mW1QHFlxXlULi84BwVhkizs_n91yqW0-xbLfc4231cRUL2Qt67HfIO5i0bLlDwID_0w5a4plr6kF3JIPLygLpNhqCfo9yeAvMqctvyoDNJD-NN5uk-thWK6ZVyJn-FqWPXAPFnlDTS0jJKrZyzqKqpMhLIAOGCQ4yIyc6oN3qmcKUDetGGMOrK_Slcfh_BmsDg8idQl655O4EAFbDKXcE2m5wrbXNgyLpnoFJX78T6BguDVm2A6vt-RD1ciu3Bvr8hplYT0lNeg9O48TJaQkJO4Sw2lqb3bz-AnmMWH5oGHa8TsKYMWIcwvlwFoaMgzkUh2bxJ4XJSIWx&sai=AMfl-YRUVDV2dkr3M35RroplGTXuvQmsrf2Vgknce9tIrFTGNv00wlIEB1T2p8kdRjN5Z8VZ_nCoNaK2Dvc6pturlE4U0GUONVa64lUWgSEH-QJ1myW634Zx6jax8vXlS7aSyoiZ4-RCEeSiJlPFfRlKfUrR&sig=Cg0ArKJSzKc1axODWHOkEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 07 Aug 2024 03:11:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1E37
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurR1B85Oc9Eec9xc7g_z1hMzuhD9f1gYYEihG39_-QPPCmw1GuQLBdXjNZTuAyjQl4p096izXxhkUQnYmfS7L5YOie58bFSym7GI37Um7EMuDrmfMEcd2NacS9OUdFZGVBG--U7q6DiwInea5UfjLzSyQJt2rQpOTNsDZSvqGp7K_vfEC6P4XnLMaHcR5gzXPyWTnC8obrRV5In7RFoZLBSHzK49_GyqwQhBb5BrKARqhBS-ZN1TZI-ZWXlSEOumTBkyS4Pwaa-ZyqQ1ggauLP8osSZNEHEg3AQvJyD6DGbAZuDOEjd8XG9ZZzdxHXirH7uRMu-Rn5JCO4WhcFtdcRIzS1EDrxJvF_29ue4CvvL64Jgb-8veMvAyQQNw&sai=AMfl-YSknLMDhvbdBb_lbd9gTLJzD1INblnKs6yN9h0pf4DBY5Ik6kIp49L2mPidfmnIpI-lHUTavDlBAIH4En17aMhKebQ_eI34QRPisNDCOXSQb38qa7T6jwlTDilG9JvpLpjrDIOsHw7qT2YFfp4iUFq-&sig=Cg0ArKJSzAzLe_NUR9yVEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 07 Aug 2024 03:11:56 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 44E3
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_2UZLiZkU6Ja6gZmfXbxyJp0EdYcEbuwxBn7-HTBkAUi7QJKVvqd-4p_xyANKmiwb9KdR6FRgAA-FLtt0BeuYbjeHf8fMm-JJrjRQxRe5kMXCAyRAsoynR8KPrZF4o27CLC_AHaPxoCnMAHn_Oj9c4eYtXtDAYpv0rFF3or9cQv2nx15Al9rbD4Oqj1WTjMTIc0MF5yiVf46V7vabwpmqy2IWJ8R3Lzhr2aEzLFw4b08va1xci7dxLnRbW1AN-Niv8VmZVTn_IDoSYZXZApAO3xGNlvRoeMvBocMa9yY4WkGNYuuXlvddslGksMHWfTnbqTlGkUnuYQMsh_tyx_4YxZUlAAXmzdq50uHKoSY6i6_HWjMzzw&sai=AMfl-YQ-LTLOQrqeihju97msDhZFCLS0p7XCiNlu9AtSj2H6C1JCrhHRyNO7M_hqF0C_tt3b0V1iQeqWcm3EOxhqIR1aqBTzBxoBCWf510Hi4C7B914500KqkB4Sz7cn07PiGgVtDvN01fojhP-e6wVCTKtX&sig=Cg0ArKJSzKGFZB3y5pgWEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:56 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 07 Aug 2024 03:11:56 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F449
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 03:11:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E37
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 03:11:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 44E3
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 03:11:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_pgbrk&pvsid=2023255159740974&vrg=202407310101&nw_id=8691100&nslots=4&eid=44809527%2C31085739%2C31084183%2C676982961%2C31078663%2C31078668%2C31078670&pub_url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F&qid=CNG5q6704YcDFWOUywEd9qoQmA&iu=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS&e=0&ret=728x90&req=728x90%7C970x90&bm=0&efh=1&stk=0&ifi=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 03:11:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0

activeview
pagead2.googlesyndication.com/pcs/ Frame 1E37
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvs7CFRKljexpgbOBCuNw5HHrKbhRBdulgOwpLjb049u5zoetGOmtuaO2fyX6q0R6BKPcG1mj3PWXBf6PNMPGpVi8R2cLZ4Uai7lFJcuMG8U4V6RI-e3RBRvuh6PL7GGwQXAGEmmVWknwWv4FiAzm8t5BzPJ53dAg&sig=Cg0ArKJSzMvXP0G_EFECEAE&id=lidar2&mcvt=1000&p=1126,276,1216,1004&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240805&bin=7&avms=nio&bs=1600,1200&mc=0.81&vu=1&app=0&itpl=3&adk=3878002045&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1893311600&rst=1723000316302&rpt=198&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 03:11:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F449
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubmeucvGjh9ucTiVbSp2YpO9x-gKGT86b04f0wqVbpcKx4C2cA8Xw5wpTazbBJDAvvcRz1oZn_Ov5hzdyZIxP_bbU72H3B7YzJCuWAk9F2KO1op66SM4EXuZIAHfnfokmfxaeZpP0LZR2UUWIqM3ZMTgs6p4okjzk&sig=Cg0ArKJSzKp_J_6dLkAAEAE&id=lidar2&mcvt=1003&p=666,1091,916,1391&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20240805&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2861055222&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=1893311600&rst=1723000316284&rpt=189&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 07 Aug 2024 03:11:57 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.144.js
static.criteo.net/js/ld/
96 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1723000200000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 03:11:58 GMT
syncframe
gum.criteo.com/ Frame A67F
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=wheregoes.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::12 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://wheregoes.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 07 Aug 2024 03:11:57 GMT
server
Kestrel
server-processing-duration-in-ticks
367456
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
publishertag.prebid.144.js
static.criteo.net/js/ld/
96 KB
0
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a00b::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

Referer
https://wheregoes.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 07 Aug 2024 03:11:58 GMT
content-encoding
gzip
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 08 Aug 2024 03:11:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202407310101&jk=2023255159740974&bg=!uLulu_TNAAZjy5caQ8s7ADQBe5WfOBUPJzcOg2sTuQ8n4__sgkIqAYzk_7sPAALyzVxDGe-IEIxoIIISSsdiyskd7kr5AgAAAFZSAAAAAmgBB34ANh5v3bRggYcjNdQ8CSiRgd2bZnWTNCVL-8FLkBMuFQmgEju3oT1OkGW9MpU8-qAp2n3lQVrJw5kCsaRPirOgP8DJerrWmVPKT1u8q476Xyu9tfoywMebQHynSaeSpl_gwFf0-JpTa7CvqlD2SQrheXco89VBk_C1yTdjLX_BbB_-chviuyzxqtZZ4EYXRDtKcGzalrlBO-NYhqG3M39ozJFmpVXQ4tSxgV5F5LOAhouPaMEnhRsr33Hyd2E8v26bMsxVUGqosIOSGq9LXQf6oY0LcIv4P-w91esrPckqYzal3ZmDZ3nfF_57xYGpb2kAcwXThIBdyAeqU6WbWCYpXhADF97fkDeOybfGwqTcb1OFXKI5jZUBXr9c76mW3Q_7dMMb8V74SS9X_e8V8WGwepearcM6XaQbtQVqFKzaOQ4Ukm06VZoX7jF6GnHOLRm6e4OzKUEI2cWk7BdmHTzUE5zYf4O3fLK0d4nE9Ey5GTbDLRXtzhR6BGCzR_gA-Lq44CV7-USqbqF2bLsuDerWLbGHvambMJ0hGF8qvWtrPBfh9GKCzUP8cYb24TrzdYUIEBaM6tcwrw_eURGMuYIuya923XqHaY9rZlnPXB7IzTr8taKviXiBubOJkuUqo5w0dwhizASxDEio_6gA6yy1vIg02FWZcr5Ix_3zirhN6sSoES13CQBfCBBXOpvx9Y0D-sdy2qo1VvGKS2hTOu00Bjo4nlHpoePh0M480q-yraJZTaafVZ93r2KepYg9b0ronD7VdgxjkbrZTNw7S3WwkQIIx612c9OP3s-0YAXTFtjLy6GXwbs_wCu0BTkxRANrjcLdRiUgIhCpdRufI8Mwh09E91bx_ozQ9n0M1v3oiZ1K-5kAUW6UbG9oBvfr4AbSh41EwCBNVQHtD_3B1IDy2S94KsdHyiz_f_NVZYc-GEWlu10Y-CnX5dbpmBwMyVizu3lXu_RdBDzH5reVPRQRDGqtg64k2BDcmyhx

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| _wpemojiSettings function| $ function| jQuery boolean| bsaAds object| runtime object| regeneratorRuntime object| wp function| sprintf function| vsprintf object| swv object| wpcf7 function| offsetAnchor object| whereGoes object| customTheme function| plausible function| __$PP object| twemoji object| bsaexperiments object| bsagpt object| bsaheaderbid object| optimize object| googletag object| bsapbChunk object| bsapb object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| bsas2s object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_reactive_ads_global_state object| Criteo object| google_tag_topics_state string| _fullres_page_view_id string| _fullres_page_view_page string| _fullres_page_view_owner number| google_unique_id object| GoogleGcLKhOms object| google_image_requests object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_144 object| Criteo_prebid_144

14 Cookies

Domain/Path Name / Value
.wheregoes.com/ Name: cf_clearance
Value: JzDBSGgGIj4Bkg57iDSQ4YtTC5Xr._B3CkvlY_UVs3o-1723000314-1.0.1.1-8lRipGkGypiWYbREqNDwekCctcJ6nFKSn6wSWV4Fyv20kC55Uc3S41kvFq2LRGh0It.iK41cmGs2ZDk0ZWUcOQ
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.lijit.com/ Name: ljt_reader
Value: JHo_ABZHsnKbI5lgTPuhMETi
.omnitagjs.com/ Name: ayl_visitor
Value: 59dc22fb4163994eb91ff0f30aafc156
.rubiconproject.com/ Name: khaos
Value: LZJ9WG5K-G-FB53
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bHJHpuhD5WCau1WuCoMxA8a+JUixCbOKdpsNRZ0PQu+sNZhEN2rNOA+uVM0bP5nQ80zgHlbzd1OQIn0kEOGVL/NzxTqj0kKQGgijy0RC4Zd8RuybVyVU0yt
prebid.media.net/ Name: receive-cookie-deprecation
Value: 1
.wheregoes.com/ Name: __gads
Value: ID=8c7faf8071af91f6:T=1723000316:RT=1723000316:S=ALNI_MYwP1FT48ROK9c6voN9ioqbbp0Mlg
.wheregoes.com/ Name: __gpi
Value: UID=00000ec7a32c85a1:T=1723000316:RT=1723000316:S=ALNI_MYzPTPXYMk2eWoKLakeBdesGqt1QQ
.wheregoes.com/ Name: __eoi
Value: ID=dffa5071b76b7e7f:T=1723000316:RT=1723000316:S=AA-AfjbQcP7ahL4Cn2Bzmfqdkaf2
.doubleclick.net/ Name: IDE
Value: AHWqTUmMCm5RaCUil1xnbFQ9zBpM9NM6BcSeEnU-ZLhlElZQiAtyRaW5us46DOqoWO4
.criteo.com/ Name: uid
Value: c3671b66-b11a-4971-bc2e-30cab3680a95
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.wheregoes.com/ Name: cto_bundle
Value: Oqgp2V9malpKWmU1TnlIVk9MU3pESFF6eE9ZRkJaRnNkeXQlMkJSQWRJNTZiNXZaTklnNUdWRXRMYWZYVDN5YmpEYmdzMnBHJTJCdkwxMlBzOVJJbyUyRjlDYk5YOXVseHFsTFp3MGQlMkZxVFA0T0lKUndhUUdWS09nVUpKTU1ycXVqcFpjNWVyY0VtZm00MW94cTNIVFEwQ3YwRVNnJTJGaUJBJTNEJTNE

1 Console Messages

Source Level URL
Text
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F&PageUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F&PageReferrer=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20244243105%2F
Message:
Failed to load resource: the server responded with a status of 412 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2ddf988e0fea2e051a18f85c9aecf8e9.safeframe.googlesyndication.com
ads.servenobid.com
ap.lijit.com
api.fouanalytics.com
bidder.criteo.com
cdn4.buysellads.net
fastlane.rubiconproject.com
gum.criteo.com
hb-api.omnitagjs.com
ib.adnxs.com
onetag-sys.com
pagead2.googlesyndication.com
prebid.media.net
securepubads.g.doubleclick.net
srv.buysellads.com
static.criteo.net
tpc.googlesyndication.com
wheregoes.com
www.google.com
pagead2.googlesyndication.com
159.203.151.34
172.217.197.156
172.253.63.155
172.67.170.60
172.67.183.14
173.194.66.105
195.244.31.11
23.20.203.238
24.144.70.77
2602:803:c002:200::32
2607:f8b0:4004:c1b::84
2607:f8b0:400d:c01::84
2620:100:a00b::12
2620:100:a00b::4
3.23.121.74
34.120.63.153
51.222.39.186
64.233.180.155
68.67.160.24
74.119.117.6
0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0f655a39b5c51669399f196e9146d221699ce8756a7beff5c12871e08c8776aa
111da58b16b15c6bac6126be92d0a83c8d1dc4139b6361411a744deda5242c66
16c97b6c26473d70b044e56a04aaa08a40cbf07d644e8bea637f41d3e4acbc7e
17b79ece7ef9d1454a90156690d33d64387b67a7a7548fc826012512e287a937
1d52e1ac7d3bc25a8b0ffc257153f9dd50249f96fe9a4df5e0d771241a69062c
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2cb546fbdda7995d374fffa4b2f6530bbcf57d014639ddf76de45df43d593045
3ad9142bdbe3474b92ef9c3b36d3ae8986cd2bf1582b47078ac9c06cebf2d2f2
41525043adc1181543f91e383888cd6817ac06de303c64c069d88ab6bfc3364c
46e36dd6ca93014e4915c723632bf180d27cc96ccfb7c26e69213e1a82129a62
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
52447a87b6ab5b33a130d4565dd8a0115f4a463036d6b9d76f178743ac9a8626
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53f700b326f1414787ea7ae51c995e46e608064aaab2597818d083e2e109870f
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
5d6120670efc8d0e341da81feee0298095402654414f1e93fad0683da438622d
5ee36c237d181f8357ffc4dfecc8cf7f417c4680477e67efe19ca54add16ae18
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a
6adbf7613efb9d5f9385e42495ec01a5a17690551607263a0d840d08f132f9c6
6adcd129ba21186e360041fe480f29eb06624bad964a651434309df9224a6ce6
6e0e832bf066053ed491066593d0e34543bb96da6ec4b727db520585d2451257
8494303eb0aa1c272fbc596243190122ebeb0366d8ec3996541ff77e9799d1ba
867bb6f3c1fc6ff61e1ff5f8533be17b91de0d69e262283dcc7a2cbce396abe6
8d08b67c252083a37cb7295ba5796d73c6e205c7aabe133d9cb604b73ea5985c
9bd60e98f5c571e18cfcc0b6cb9b665409c5c9dbe2da1f2380c304455c1685e0
a218f71ca19363f32708623720794ed5c4eb6fabf5a2944ea6f44f99a782def6
aee65a95165b0703281d429dfe2e32d197e526848d58c1a9b025d00ffcba0767
b3ed1c95a2cfc56dc479e3f8dd47419e0b32a9eb747bb241e8520d690b0e0193
b4987ec68837273fe612c09892841f5011f57d542e12b1567db12e18e5e214ed
c022ad0172c4e1509cdbcbd659b3842c0e0cd62cf201c1aa0a7cfd7cacb2b71a
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c2560383c7e6dec34f500615b6a100a14525e8eff0e878fdc6c2e0c7733e1dee
ca7ba00037cdf8ba8419648ac50f13bf322daed74a4b3f4f6a7efdcd3f3b4362
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cec82c640ce452837c2225de15a253c028466534b37600b5dafc2601685f1892
d406835a89314a2f5e65ace91b7f4404fd1d08cd1a7e0ea6e96b765d29c318b9
d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2
dcd2a41f652812774ecde5c7091a5a2321fe8467de81fc0db0674c5146d54eff
de8279221cec92147e41e962754da2e9667fe862dc94f192566fa7bec3d11f11
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f053be9c91dd84c0a3b14b168ed75173531e8175b1315beb67681a97b359abd6
f313d12ea6124bd28fc4a6b7163d253bb83d5aeab5edce594880c5c3df475cbc
f343c88e656bb9de90e19296354287c83e204ccf885209f0e202a12ea3444981
f56a65ab2a60e4c053c63dc08aa9034f983c0bd48bd1bea06cf8f0e1fc208aae
f59e04af2a3d82f0795b25ce4f979181a47feee11da7b401201861e418c8de10
f88c1da986c6222e070edfef4cbb51b88e16bfcd9dd099f37b6839bccd75b6c4