wheregoes.com Open in urlscan Pro
2606:4700:3034::6815:240d Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wheregoes.com/trace/20224689838/
Submission: On September 27 via manual (September 27th 2022, 3:04:24 pm UTC) from ID — Scanned from DE

Summary HTTP 167 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 60 IPs in 8 countries across 61 domains to perform 167 HTTP transactions. The main IP is 2606:4700:3034::6815:240d, located in United States and belongs to CLOUDFLARENET, US. The main domain is wheregoes.com.
TLS certificate: Issued by E1 on August 28th 2022. Valid for: 3 months.

This is the only time wheregoes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3034::6815:240d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.64.137.32 172.64.137.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	94.31.29.32 94.31.29.32	6461 (ZAYO-6461) (ZAYO-6461)
1	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
1	68.183.0.10 68.183.0.10	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	35.157.246.167 35.157.246.167	16509 (AMAZON-02) (AMAZON-02)
3 5	72.251.249.9 72.251.249.9	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
4	2602:803:c003... 2602:803:c003:200::21	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
3	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2	52.6.206.12 52.6.206.12	14618 (AMAZON-AES) (AMAZON-AES)
12	34.253.177.61 34.253.177.61	16509 (AMAZON-02) (AMAZON-02)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
1	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
3 7	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	23.35.236.188 23.35.236.188	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
6	23.205.235.133 23.205.235.133	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.99.85 13.32.99.85	16509 (AMAZON-02) (AMAZON-02)
2	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.211.60.243 52.211.60.243	16509 (AMAZON-02) (AMAZON-02)
1 2	185.86.137.107 185.86.137.107	201081 (SMARTADSE...) (SMARTADSERVER)
2 5	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	23.75.240.210 23.75.240.210	16625 (AKAMAI-AS) (AKAMAI-AS)
6 10	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	3.229.251.39 3.229.251.39	14618 (AMAZON-AES) (AMAZON-AES)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
6	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	69.166.1.12 69.166.1.12	27630 (AS-XFERNET) (AS-XFERNET)
2 2	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
3 3	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3 3	35.172.59.108 35.172.59.108	14618 (AMAZON-AES) (AMAZON-AES)
2	104.16.201.58 104.16.201.58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
3 6	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:fb24:7ad4:5f4f:4dd3	16509 (AMAZON-02) (AMAZON-02)
3 6	52.46.151.131 52.46.151.131	16509 (AMAZON-02) (AMAZON-02)
2 3	52.95.115.255 52.95.115.255	16509 (AMAZON-02) (AMAZON-02)
1 16	34.247.205.196 34.247.205.196	16509 (AMAZON-02) (AMAZON-02)
6 6	3.124.238.184 3.124.238.184	16509 (AMAZON-02) (AMAZON-02)
2 2	54.229.65.185 54.229.65.185	16509 (AMAZON-02) (AMAZON-02)
3 4	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
3 3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	44.196.211.13 44.196.211.13	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.83.125.176 54.83.125.176	14618 (AMAZON-AES) (AMAZON-AES)
1	129.80.94.115 129.80.94.115	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
2 2	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.67.253.73 3.67.253.73	16509 (AMAZON-02) (AMAZON-02)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
2 2	3.71.169.66 3.71.169.66	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.215.44 124.146.215.44	() ()
1 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	52.59.82.25 52.59.82.25	16509 (AMAZON-02) (AMAZON-02)
1	54.194.213.220 54.194.213.220	16509 (AMAZON-02) (AMAZON-02)
1	18.202.37.168 18.202.37.168	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	2a05:d018:24:... 2a05:d018:24:b001:300d:157:643a:c4ae	16509 (AMAZON-02) (AMAZON-02)
1 2	185.86.139.89 185.86.139.89	201081 (SMARTADSE...) (SMARTADSERVER)
1	2606:4700::68... 2606:4700::6813:ac6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:75c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
167	60

9 2606:4700:3034::6815:240d (United States)

ASN13335 (CLOUDFLARENET, US)

wheregoes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.137.32 (United States)

ASN13335 (CLOUDFLARENET, US)

api.fouanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 94.31.29.32 (London, United Kingdom)

ASN6461 (ZAYO-6461, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net

cdn4.buysellads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.48 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.183.0.10 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-eu-nl-12.buysellads.com

srv.buysellads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.157.246.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 72.251.249.9 (Amsterdam, Netherlands) 3 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.75.86.98 (Istanbul, Turkey)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.206.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-206-12.compute-1.amazonaws.com

mantodea.mantisadnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.253.177.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.89.211.12 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-85.fra60.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.60.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-60-243.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.107 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.75.240.210 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 69.173.144.139 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.251.39 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-251-39.compute-1.amazonaws.com

x.yieldlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (Amsterdam, Netherlands) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.85.234 (Schiphol, Netherlands) 2 redirects

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.56.137 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.172.59.108 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-59-108.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.201.58 (None, )

ASN13335 (CLOUDFLARENET, US)

pixel.yabidos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.18.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:fb24:7ad4:5f4f:4dd3 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.46.151.131 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.115.255 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 34.247.205.196 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com

usersync.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.124.238.184 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-238-184.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.65.185 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-65-185.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 70.42.32.63 (United States) 3 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands) 3 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.196.211.13 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-211-13.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.83.125.176 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-125-176.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.80.94.115 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.255 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.253.73 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-253-73.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States)

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.169.66 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.215.44 (None, ) 1 redirects

ASN- ()

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.82.25 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-82-25.eu-central-1.compute.amazonaws.com

sonata-notifications.taptapnetworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.213.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-213-220.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.37.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-37-168.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:24:b001:300d:157:643a:c4ae (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.89 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:ac6c (United States)

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:75c3 (United States)

ASN13335 (CLOUDFLARENET, US)

pre.glotgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	rubiconproject.com 8 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 466 eus.rubiconproject.com — Cisco Umbrella Rank: 564 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 910 pixel.rubiconproject.com — Cisco Umbrella Rank: 335 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 796 token.rubiconproject.com — Cisco Umbrella Rank: 667	39 KB
17	gumgum.com 1 redirects g2.gumgum.com — Cisco Umbrella Rank: 1371 usersync.gumgum.com — Cisco Umbrella Rank: 2162	6 KB
17	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	158 KB
14	yahoo.com 5 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 953 ups.analytics.yahoo.com — Cisco Umbrella Rank: 287 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468	3 KB
13	googlesyndication.com a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 142 pagead2.googlesyndication.com — Cisco Umbrella Rank: 105	166 KB
13	servenobid.com ads.servenobid.com — Cisco Umbrella Rank: 1646 public.servenobid.com — Cisco Umbrella Rank: 3425	8 KB
13	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 228 secure.adnxs.com — Cisco Umbrella Rank: 432 acdn.adnxs.com — Cisco Umbrella Rank: 611	36 KB
9	amazon-adsystem.com 5 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 295 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232	7 KB
9	wheregoes.com wheregoes.com	154 KB
7	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528 dsum.casalemedia.com — Cisco Umbrella Rank: 1306	6 KB
6	bidswitch.net 6 redirects x.bidswitch.net — Cisco Umbrella Rank: 301	4 KB
6	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 342	2 KB
5	lijit.com 3 redirects ap.lijit.com — Cisco Umbrella Rank: 597 ce.lijit.com — Cisco Umbrella Rank: 877	3 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	202 KB
4	outbrain.com 3 redirects sync.outbrain.com — Cisco Umbrella Rank: 823	1 KB
4	smartadserver.com 2 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 873 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 649	2 KB
3	creativecdn.com 3 redirects creativecdn.com — Cisco Umbrella Rank: 660	1 KB
3	disqus.com 3 redirects ssp.disqus.com — Cisco Umbrella Rank: 2279	1023 B
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 547	2 KB
3	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 462 image6.pubmatic.com — Cisco Umbrella Rank: 648	12 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	549 B
3	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 754	360 B
3	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 761 gum.criteo.com — Cisco Umbrella Rank: 406	896 B
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 1785 mp.4dex.io — Cisco Umbrella Rank: 2010	24 KB
3	buysellads.net cdn4.buysellads.net — Cisco Umbrella Rank: 14864	208 KB
3	fouanalytics.com api.fouanalytics.com — Cisco Umbrella Rank: 6903	7 KB
2	glotgrx.com pre.glotgrx.com — Cisco Umbrella Rank: 6871	318 B
2	tidaltv.com 2 redirects sync.tidaltv.com — Cisco Umbrella Rank: 1343	675 B
2	emxdgt.com 2 redirects cs.emxdgt.com — Cisco Umbrella Rank: 985	526 B
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 683	622 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 568	1 KB
2	openx.net 2 redirects us-u.openx.net — Cisco Umbrella Rank: 396	429 B
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 2715	892 B
2	yabidos.com pixel.yabidos.com — Cisco Umbrella Rank: 6742	25 KB
2	a-mo.net 2 redirects prebid.a-mo.net — Cisco Umbrella Rank: 1006	470 B
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 673	57 KB
2	media.net prebid.media.net — Cisco Umbrella Rank: 1065 contextual.media.net — Cisco Umbrella Rank: 559	9 KB
2	mantisadnetwork.com mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 16053	826 B
1	loopme.me csync.loopme.me — Cisco Umbrella Rank: 909	131 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 561	98 B
1	ad4m.at ad4m.at — Cisco Umbrella Rank: 2111
1	adroll.com d.adroll.com — Cisco Umbrella Rank: 1453	181 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 488	433 B
1	taptapnetworks.com 1 redirects sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6558	320 B
1	socdm.com 1 redirects tg.socdm.com	691 B
1	everesttech.net sync-tm.everesttech.net — Cisco Umbrella Rank: 562	177 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 444	661 B
1	contextweb.com 1 redirects bh.contextweb.com — Cisco Umbrella Rank: 524	387 B
1	bluekai.com 1 redirects stags.bluekai.com — Cisco Umbrella Rank: 501	756 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 860	44 B
1	technoratimedia.com sync.technoratimedia.com — Cisco Umbrella Rank: 1190	293 B
1	ipredictive.com 1 redirects sync.ipredictive.com — Cisco Umbrella Rank: 919	465 B
1	stackadapt.com 1 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 694	584 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 394	708 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1018	498 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 728	735 B
1	yieldlift.com 1 redirects x.yieldlift.com — Cisco Umbrella Rank: 3461	389 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 9081	792 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4209	808 B
1	buysellads.com srv.buysellads.com — Cisco Umbrella Rank: 17229	668 B
1	w.org s.w.org — Cisco Umbrella Rank: 720	1 KB
167	61

	Domain	Requested by
16	usersync.gumgum.com	1 redirects g2.gumgum.com
12	ads.servenobid.com	cdn4.buysellads.net public.servenobid.com g2.gumgum.com ssum-sec.casalemedia.com ssbsync.smartadserver.com
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net wheregoes.com a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com
9	c2shb.ssp.yahoo.com	cdn4.buysellads.net
9	wheregoes.com	wheregoes.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com
7	secure.adnxs.com	3 redirects a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com secure.adnxs.com
6	x.bidswitch.net	6 redirects
6	s.amazon-adsystem.com	3 redirects wheregoes.com ssum-sec.casalemedia.com ssbsync.smartadserver.com
6	cm.g.doubleclick.net	3 redirects wheregoes.com g2.gumgum.com
6	match.adsrvr.org	public.servenobid.com mantodea.mantisadnetwork.com wheregoes.com g2.gumgum.com ssum-sec.casalemedia.com
6	pixel.rubiconproject.com	2 redirects public.servenobid.com wheregoes.com eus.rubiconproject.com
6	eus.rubiconproject.com	cdn4.buysellads.net eus.rubiconproject.com public.servenobid.com g2.gumgum.com
5	ib.adnxs.com	2 redirects cdn4.buysellads.net acdn.adnxs.com
5	www.googletagservices.com	cdn4.buysellads.net securepubads.g.doubleclick.net a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com
4	sync.outbrain.com	3 redirects g2.gumgum.com
4	token.rubiconproject.com	4 redirects
4	ssum-sec.casalemedia.com	2 redirects public.servenobid.com ssum-sec.casalemedia.com
4	fastlane.rubiconproject.com	cdn4.buysellads.net
3	creativecdn.com	3 redirects
3	aax-eu.amazon-adsystem.com	2 redirects wheregoes.com
3	ssp.disqus.com	3 redirects
3	ups.analytics.yahoo.com	3 redirects
3	sync.1rx.io	3 redirects
3	ce.lijit.com	3 redirects
3	a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	onetag-sys.com	cdn4.buysellads.net public.servenobid.com
3	cdn4.buysellads.net	wheregoes.com
3	api.fouanalytics.com	wheregoes.com api.fouanalytics.com
2	pre.glotgrx.com	mantodea.mantisadnetwork.com
2	rtb-csync.smartadserver.com	1 redirects ssbsync.smartadserver.com
2	sync.tidaltv.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
2	cs.emxdgt.com	2 redirects
2	ad.360yield.com	2 redirects
2	b1sync.zemanta.com	2 redirects
2	us-u.openx.net	2 redirects
2	ads.avct.cloud	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	pixel.yabidos.com	mantodea.mantisadnetwork.com pixel.yabidos.com
2	prebid.a-mo.net	2 redirects
2	secure-assets.rubiconproject.com	2 redirects
2	ssbsync.smartadserver.com	1 redirects public.servenobid.com
2	ads.pubmatic.com	public.servenobid.com g2.gumgum.com
2	static.criteo.net	cdn4.buysellads.net static.criteo.net
2	pagead2.googlesyndication.com	www.googletagservices.com
2	gum.criteo.com	secure.adnxs.com
2	www.google.com	securepubads.g.doubleclick.net
2	mantodea.mantisadnetwork.com	cdn4.buysellads.net
2	ap.lijit.com	cdn4.buysellads.net public.servenobid.com
2	script.4dex.io	cdn4.buysellads.net script.4dex.io
1	csync.loopme.me	ssbsync.smartadserver.com
1	id.rlcdn.com	ssbsync.smartadserver.com
1	ad4m.at	ssum-sec.casalemedia.com
1	d.adroll.com	ssum-sec.casalemedia.com
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	sonata-notifications.taptapnetworks.com	1 redirects
1	tg.socdm.com	1 redirects
1	sync-tm.everesttech.net	g2.gumgum.com
1	sync.mathtag.com	1 redirects
1	bh.contextweb.com	1 redirects
1	stags.bluekai.com	1 redirects
1	match.deepintent.com	g2.gumgum.com
1	sync.technoratimedia.com	g2.gumgum.com
1	sync.ipredictive.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	px.ads.linkedin.com	wheregoes.com
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	image6.pubmatic.com	ads.pubmatic.com
1	sync.go.sonobi.com	public.servenobid.com
1	p.rfihub.com	1 redirects
1	x.yieldlift.com	1 redirects
1	g2.gumgum.com	public.servenobid.com
1	public.servenobid.com	cdn4.buysellads.net
1	contextual.media.net	cdn4.buysellads.net
1	acdn.adnxs.com	cdn4.buysellads.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	prebid.media.net	cdn4.buysellads.net
1	hb-api.omnitagjs.com	cdn4.buysellads.net
1	mp.4dex.io	cdn4.buysellads.net
1	bidder.criteo.com	cdn4.buysellads.net
1	srv.buysellads.com	cdn4.buysellads.net
1	s.w.org	wheregoes.com
167	85

This site contains links to these domains. Also see Links.

Domain
wherego.es

Subject Issuer	Validity	Valid
*.wheregoes.com E1	`2022-08-28` - `2022-11-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-09` - `2022-11-08`	a year	crt.sh
*.buysellads.net Sectigo RSA Domain Validation Secure Server CA	`2022-08-17` - `2023-08-23`	a year	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2021-11-24` - `2022-12-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.buysellads.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-06-09`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.mantisadnetwork.com Amazon	`2022-09-13` - `2023-10-12`	a year	crt.sh
ads.servenobid.com Amazon	`2022-05-29` - `2023-06-27`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-21` - `2023-07-21`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.servenobid.com Amazon	`2022-02-06` - `2023-03-07`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
*.gumgum.com Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-15` - `2023-09-15`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-05-02` - `2023-06-03`	a year	crt.sh
*.ad-server.k8s.ie.ggops.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-03` - `2023-03-07`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2022-08-10` - `2023-09-08`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://wheregoes.com/trace/20224689838/
Frame ID: 9350F529FBB3E3EE51F49AB2A912881B
Requests: 51 HTTP requests in this frame

Frame: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CD5247BBA4756FB42901B6A4FF7382F6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKn9qm3nMDiQ8ypvW4JRVJT0EFe2Bv6wBOxi8jCldnGt0ourkkrZi2pEdIVq88iT7yEklmQbfI7NpyOdoZg7kle9ut0Wgh45YGPWJ7BXQgGevIxc2DMkg-9PTvR-67KAeSqCW2oTOwL5AMXjCDFxAXh3gOiPuHL7BppN6GEPxExd90X5BnuLvKAEWlNTpZnavuRelMGySIlKg5_6m69-hDa7WwLLqzLGRTW9Cbzc7Bi_jmIB9600y-d5XmHNyc8ssIgl3Cf6KTxGWFwP9eA86yaeIhHyDFx7JXWwzlxEi2rLnnDHmaiJFBIjriPT_b5C9H9Fl7R0mu7tGHIvsnO7EgrC8Z&sai=AMfl-YSn8Ry0XY-ZvZbTHj-18_U53XAHSBMCtXeu1KBhow5f6eTmHI9DJkc3QHWlhEVyRHmuHBgqZEaNMcz_2ZccPSQiWYf4NvDdN4Q5XkXohatd-jGvBTb6nu8LxFyMHZwFSw&sig=Cg0ArKJSzIvAvo-SPLf4EAE&uach_m=[UACH]&adurl=
Frame ID: DA039BA21A0EE4538D74235744E1F404
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvdEuz7A_Tb6jVJEUJ1SiS7g1uUt5yfQlVIzZH3q78fvw8IBg_fLlFp5m_Qfuk3GNp2SX42d1zWyqzJ4fNzEGApg-Y3xLirgQrRBzCv4WntSKyW3KoaaGCHx89RlhUVVseqw9G97FYhrY-ZzUixDQJ_lC9oum6mr7v4kXCpkCZcShhLrBXsXIheFPJRhM2NpEk62PpWPHbkgojvypqyHrK0P-unW43kVqPxkG5JV4KPN-1NqpnJIY5ycHtAbW1f7T0m02bBa40IBwncAHcONtmaD_hVSdclAfJbglNDNP_2mdsjK07Jy7wt9goY0GRpldeaaVL9_mAJG4Q0Ppl6LTz&sai=AMfl-YTlzMvQLk45qRW6J33-Tb5y2UFMZRuQsPH6RGX4SWnLUaQUNNnAaP5SbgXTkfNTxZqcCQrRUmkaE1YnywXQdkNJile8KgXEQ91TEalUaX3P3D7AlyEuqJyQ-xy9aol9cA&sig=Cg0ArKJSzP-yZOKhnABkEAE&uach_m=[UACH]&adurl=
Frame ID: 5FFE8FCF283E8AC357C88FCD596347E2
Requests: 9 HTTP requests in this frame

Frame: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 95664C307258D8D21722C4167526F7D5
Requests: 9 HTTP requests in this frame

Frame: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D2C40589D91653A040FB36B848DA2702
Requests: 9 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B91BC680B459806F52C861944754E2B1
Requests: 3 HTTP requests in this frame

Frame: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1664291059222&secure=true&version=9&title=Trace%20Results%20%7C%20WhereGoes&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20224689838%2F
Frame ID: 03CD3D35696FCCF8987F6C165F4C4433
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 7DB985CAB8B399299C5AEF5F5688E7C2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664291058869
Frame ID: 990FF65605ABB2651463EDA711599063
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 04A51185413525BFC7BF09A4DAA1113C
Requests: 10 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 29543F563DCCE606D0731D56E54DD56F
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: AE57C3E27AB5D838B00750FDFAFB9721
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: F5349344536AEF2C0C8D2BD61A837F18
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 8193297EF259730F7B1B4D9DAD8218B5
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: A9479E6A71C0C81E3FBC01A239C8F2BD
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: 13AA3CB0F247A73B603748CD8300F4B1
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 647CC64DF02248267ADB25E445C22628
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=65b66333-10f6-4000-a498-79db3b26ce9d&gdpr=0&gdpr_consent=
Frame ID: 0637E8392BE1873DC6335620E724390A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: F6AAF73651435EA094FA492A8554BC9C
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80ODk4YjYxNS04Nzc3LTQ5ZmYtOTIxYS04NGY2ZWQ2MGVhNzQ=&gdpr=0&gdpr_consent=
Frame ID: A6AB98D0F3994BD8A1D3CE950CFB357A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: F37D0508321A529BFE4E46175AD8A31D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 3CEB1C0C313E9F62B0C2C544297733C0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&i=2320413815273242029brt51241664291062509817f1
Frame ID: 695064A39A57EC9CAB9019750E9CF874
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=YzMQ98Co8YoAAC2GH0wAAAAA
Frame ID: 34458EB2DB95902376442D9FD461DC9B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=YzMQ9r1lm95ZsZxXyHjegAAA%261138
Frame ID: 176FE132C63F59988C04874F74A3C859
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=phukrAdR5km1NKp8T7sL&pi=gumgum&tc=1
Frame ID: ED9B7AF687D2DDD6C30EDC1207109D4D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 86B8374C1C4E666A6E09DB4FB54385C3
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trace Results | WhereGoes

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

167
Requests

78 %
HTTPS

24 %
IPv6

61
Domains

85
Subdomains

60
IPs

8
Countries

1137 kB
Transfer

2966 kB
Size

64
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://wherego.es/twitter
Title: Twitter

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=1923887614&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuSg_R_6DX6JgFqOQ6OXozV2LaBeHlZDXibtgG8XFt2fxo67qZ8Nl3R_ALIcPm2JPgIJergz4GjRdGDuDLVubH85mAsFXoMAzkPvBXgC6_WbzUYY4Z4TdcUfUm4EUwnvZCfwogAGR0ijBJtXToQ9EFQQHnoN8QjM-_rRO6Y-QewJd3Tkvr3CQtpehfrKjLwgcU43-z-CeSTMc9C12FMFiR7vct6yCdrCGIbFZ49b7NXIU_l4oUfTR91damf-4j0qzd-ZNK6WzZQnJ5Rz4tLzOTcs_hOYOu8M5gPkbp4oN2SPVT4ZX4thv96v9IzZo_Gb5m9KcYNcKp64_UF1XRCmG1Y15Z6fv_qoHVbXQ%2526sai%253DAMfl-YTbkAqH4wuvYdZhFvBqFP-v9Hybne6NlmkJHSjtf3rf1WAxqdvltWEt9KKvUFOuZDtOqngbbnRbhmrZcB3SqLNdMLI__htisTP9t_RtX5GtrOy5ZpgyYTuhxhySUOhhdw%2526sig%253DCg0ArKJSzGckQcA7tirHEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D HTTP 307
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D728x90%26cb%3D1923887614%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjsuSg_R_6DX6JgFqOQ6OXozV2LaBeHlZDXibtgG8XFt2fxo67qZ8Nl3R_ALIcPm2JPgIJergz4GjRdGDuDLVubH85mAsFXoMAzkPvBXgC6_WbzUYY4Z4TdcUfUm4EUwnvZCfwogAGR0ijBJtXToQ9EFQQHnoN8QjM-_rRO6Y-QewJd3Tkvr3CQtpehfrKjLwgcU43-z-CeSTMc9C12FMFiR7vct6yCdrCGIbFZ49b7NXIU_l4oUfTR91damf-4j0qzd-ZNK6WzZQnJ5Rz4tLzOTcs_hOYOu8M5gPkbp4oN2SPVT4ZX4thv96v9IzZo_Gb5m9KcYNcKp64_UF1XRCmG1Y15Z6fv_qoHVbXQ%252526sai%25253DAMfl-YTbkAqH4wuvYdZhFvBqFP-v9Hybne6NlmkJHSjtf3rf1WAxqdvltWEt9KKvUFOuZDtOqngbbnRbhmrZcB3SqLNdMLI__htisTP9t_RtX5GtrOy5ZpgyYTuhxhySUOhhdw%252526sig%25253DCg0ArKJSzGckQcA7tirHEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D

Request Chain 70

https://secure.adnxs.com/ttj?id=18678115&size=120x600&cb=1578479966&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsu9HRb2r_mmfYujt-k7mDjFZiB6w1AN4oswtiTwZCbZkym4rHcHcMzocH8NkrDSf6VO9-5zu4h_J15Llh4AxGMBnlI1NAfGp_SwH0wPH8aGz_iI0ZmFfaHuS4_lqcblSttxGUIiaf0kB9YrGXtic2Uw3LdLQKCjdJ3iEGUWon_JYVLMyqXBAghLO-IP0xru8nDvKH65eX35DVJ5xYNJfrr7tSvIYZNmAIrLI9OW1ZLFRTzJVwDxSsUcXNbECZD1TB2TZDZowYK0XHn1khk1K-7AlDhwzSgX3RL7lwarSPLTeWzXsn5A_Xn6bWiQs_viCCtEQuIov7QEC1yfeIT5P02L8gPqAQ%2526sai%253DAMfl-YQ3y06Lp4hDWICQWBX78vb1GFSADRULzI3XHIwwmgWV2ircclp8L7QBa30RE1-XRXYzBw0ydO2PlKulHD0kr3vfiWJ4gyQXg37o0dlvAL1HXAKgbw2UTPR4Y5sGrsWhBA%2526sig%253DCg0ArKJSzL96_wXQxIEyEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D HTTP 307
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D120x600%26cb%3D1578479966%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjsu9HRb2r_mmfYujt-k7mDjFZiB6w1AN4oswtiTwZCbZkym4rHcHcMzocH8NkrDSf6VO9-5zu4h_J15Llh4AxGMBnlI1NAfGp_SwH0wPH8aGz_iI0ZmFfaHuS4_lqcblSttxGUIiaf0kB9YrGXtic2Uw3LdLQKCjdJ3iEGUWon_JYVLMyqXBAghLO-IP0xru8nDvKH65eX35DVJ5xYNJfrr7tSvIYZNmAIrLI9OW1ZLFRTzJVwDxSsUcXNbECZD1TB2TZDZowYK0XHn1khk1K-7AlDhwzSgX3RL7lwarSPLTeWzXsn5A_Xn6bWiQs_viCCtEQuIov7QEC1yfeIT5P02L8gPqAQ%252526sai%25253DAMfl-YQ3y06Lp4hDWICQWBX78vb1GFSADRULzI3XHIwwmgWV2ircclp8L7QBa30RE1-XRXYzBw0ydO2PlKulHD0kr3vfiWJ4gyQXg37o0dlvAL1HXAKgbw2UTPR4Y5sGrsWhBA%252526sig%25253DCg0ArKJSzL96_wXQxIEyEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D

Request Chain 99

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Request Chain 100

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

Request Chain 102

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
https://ads.servenobid.com/sync?pid=312&uid=2320413815273242029

Request Chain 103

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
https://ads.servenobid.com/sync?pid=310&uid=FYwIrRZHgwfP4MRxTq-TaE1D

Request Chain 105

https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
https://ads.servenobid.com/sync?pid=314&uid=24484d5e-916e-4d57-8d51-39fb856ec433

Request Chain 106

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1664291062366 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4651476993

Request Chain 107

https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
https://ads.servenobid.com/sync?pid=324&uid=5140084921961045374

Request Chain 109

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
https://ads.servenobid.com/sync?pid=327&uid=66ea15c3-4b74-4dbe-85f4-461385e503f5&gdpr=0&gdpr_consent=&us_privacy=1YN-

Request Chain 110

https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
https://ads.servenobid.com/sync?pid=337&uid=y-exL27dlE2uHHH1TFkXuInyk7BFZ5GxcoPQNaoCA-~A

Request Chain 111

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
https://ce.lijit.com/merge?pid=279534&3pid=ua-ea3ed86d-2309-3a6b-928c-80dc53c88b7c&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1lYTNlZDg2ZC0yMzA5LTNhNmItOTI4Yy04MGRjNTNjODhiN2MqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtZWEzZWQ4NmQtMjMwOS0zYTZiLTkyOGMtODBkYzUzYzg4YjdjMgIMBjgB HTTP 302
https://ssp.disqus.com/match?bidder=12&buyeruid=FYwIrRZHgwfP4MRxTq-TaE1D&r=Cid1YS1lYTNlZDg2ZC0yMzA5LTNhNmItOTI4Yy04MGRjNTNjODhiN2MqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtZWEzZWQ4NmQtMjMwOS0zYTZiLTkyOGMtODBkYzUzYzg4YjdjMgIMBjgB HTTP 302
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1lYTNlZDg2ZC0yMzA5LTNhNmItOTI4Yy04MGRjNTNjODhiN2MqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtZWEzZWQ4NmQtMjMwOS0zYTZiLTkyOGMtODBkYzUzYzg4YjdjMgIMBjgC%26buyeruid%3D HTTP 302
https://ssp.disqus.com/match?bidder=6&r=Cid1YS1lYTNlZDg2ZC0yMzA5LTNhNmItOTI4Yy04MGRjNTNjODhiN2MqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtZWEzZWQ4NmQtMjMwOS0zYTZiLTkyOGMtODBkYzUzYzg4YjdjMgIMBjgC&buyeruid=9bf25cc7-3bc4-4150-b947-0ef6eb029060&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ads.servenobid.com/sync?pid=346&uid=ua-ea3ed86d-2309-3a6b-928c-80dc53c88b7c

Request Chain 112

https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
https://ads.servenobid.com/sync?pid=339&uid=y-exL27dlE2uHHH1TFkXuInyk7BFZ5GxcoPQNaoCA-~A

Request Chain 119

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTEyNTUyYTdiOTA5MWRiZWViZjc0M2I4ZDY1NWZjNGU2NWIxOTE2Nw

Request Chain 120

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8KBXBSU-25-48IC

Request Chain 121

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/mMhsHK6AwOTv3rw6xlu8rMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8995503734670726311

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDE4iiu1-GMt5_ad6GoNzxc&google_cver=1

Request Chain 123

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MF36KwpeTUy-i1_c_JSe4A&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MF36KwpeTUy-i1_c_JSe4A

Request Chain 124

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dcw3RNZmQhKvaElucXcYwA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dcw3RNZmQhKvaElucXcYwA

Request Chain 126

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhLQlhCU1UtMjUtNDhJQw==

Request Chain 127

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
https://usersync.gumgum.com/usersync?b=apn&i=2320413815273242029

Request Chain 128

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4898b615-8777-49ff-921a-84f6ed60ea74&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_4898b615-8777-49ff-921a-84f6ed60ea74&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2 HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=bddf61c1-021a-410e-844e-f1d37eeaaf3e&ssp=gumgum2 HTTP 302
https://usersync.gumgum.com/usersync?b=bsw&i=a6a13e7e-3bda-4803-9e96-02c8659bcfb4

Request Chain 129

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28TufOuZNIcAIvisJxlN-n2Ctj3Bq9GqOrPqIexqxBrzqqgkJW0KsjOyH3485X1gt1%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28TufOuZNIcAIvisJxlN-n2Ctj3Bq9GqOrPqIexqxBrzqqgkJW0KsjOyH3485X1gt1%29 HTTP 302
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_4898b615-8777-49ff-921a-84f6ed60ea74&obuid=ENC(TufOuZNIcAIvisJxlN-n2Ctj3Bq9GqOrPqIexqxBrzqqgkJW0KsjOyH3485X1gt1) HTTP 302
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
https://creativecdn.com/cm-notify?pi=outbrain&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA HTTP 302
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=phukrAdR5km1NKp8T7sL&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA

Request Chain 130

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=opx&i=878a4a0c-316a-4f59-bf73-a3c3eb55b3fa

Request Chain 131

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sta&i=0-724eaba0-7cb2-483b-75c6-4279fdeac1e6$ip$81.95.5.40

Request Chain 132

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=oth&i=y-d3ymgO9E2pf_bfTtGffnj6O25eeFcA1qlfmT~A

Request Chain 133

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=vnt&i=c84a79e8-e072-4b68-b645-2abba57b41c6

Request Chain 136

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4898b615-8777-49ff-921a-84f6ed60ea74&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
https://stags.bluekai.com/site/23178?id=mQ5S_MQC4iIXWg0168kx&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23KRGVJV6TKRIM2GSSKYK5TTAMJWHBVXQJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23KRGVJV6TKRIM2GSSKYK5TTAMJWHBVXQJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mQ5S_MQC4iIXWg0168kx&us_privacy=1---

Request Chain 137

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
https://usersync.gumgum.com/usersync?b=idi&i=7bd6927d-8dce-481d-86f8-e0ae835914a0

Request Chain 138

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7029624779

Request Chain 139

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
https://usersync.gumgum.com/usersync?b=pln&i=9S0DwTzSxtXi&ev=1&pid=558355

Request Chain 140

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
https://usersync.gumgum.com/usersync?b=sad&i=3186827435777493041

Request Chain 142

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
https://usersync.gumgum.com/usersync?b=mmh&i=65b66333-10f6-4000-a498-79db3b26ce9d&gdpr=0&gdpr_consent=

Request Chain 147

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
https://cs.emxdgt.com/umcheck?apnxid=2320413815273242029&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNWFVJRA== HTTP 302
https://usersync.gumgum.com/usersync?b=emx&i=2320413815273242029brt51241664291062509817f1

Request Chain 148

https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
https://usersync.gumgum.com/usersync?b=sus&i=YzMQ98Co8YoAAC2GH0wAAAAA

Request Chain 149

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
https://usersync.gumgum.com/usersync?b=iex&i=YzMQ9r1lm95ZsZxXyHjegAAA%261138

Request Chain 150

https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
https://usersync.gumgum.com/usersync?b=rth&i=phukrAdR5km1NKp8T7sL&pi=gumgum&tc=1

Request Chain 151

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
https://eus.rubiconproject.com/usync.html?p=gumgum

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzMQ9r1lm95ZsZxXyHjegAAABHIAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENi1qUxYIwCm9et_cawt-yA&google_cver=1

Request Chain 154

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzMQ9r1lm95ZsZxXyHjegAAABHIAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzMQ9r1lm95ZsZxXyHjegAAABHIAAAIB&dcc=t

Request Chain 155

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzMQ9r1lm95ZsZxXyHjegAAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHaPqgxofatkXxgt8VbGIe4&google_cver=1

Request Chain 156

https://x.bidswitch.net/sync?ssp=index HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=index HTTP 302
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=a6a13e7e-3bda-4803-9e96-02c8659bcfb4&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_692b93fc-7a9e-4e58-81f1-ec4479e32b36&bsw_param=a6a13e7e-3bda-4803-9e96-02c8659bcfb4&expires=10 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a6a13e7e-3bda-4803-9e96-02c8659bcfb4

Request Chain 163

https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=55ff03ba-def4-4eb2-aacb-6c1424396aa3&gdpr=0&gdpr_consent=

Request Chain 165

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3186827435777493041&gdpr=0&gdpr_consent=

167 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wheregoes.com/trace/20224689838/ 17 KB
5 KB 9056ms
9005ms Document
text/html 2606:4700:3034::6815:240d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/trace/20224689838/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a290f7e586ecb71d04f78a9b17f6e7276465861c7a71967cf1716116dfdf033a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7515215069a5914d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 27 Sep 2022 15:04:18 GMT
fastcgi-cache: MISS
link: <https://wheregoes.com/?p=19>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVW8fSSlaQ2118d90qoSuop4ayVAyPOpbmZMvsPBc2Ado2gUUtgEapgnrkv1CFKJz3DDRC1ampPvzV9sRXr3Xs4UZbklYXyK2VD9MQAnDxy8LfrP0bL%2FJWI9gt%2FUMT%2BKnLlJfHKjUA1133cb"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 autoptimize_9fb9f0baaf96dddafa7390367f2b4cf7.css
wheregoes.com/c/cache/autoptimize/css/ 227 KB
83 KB 26ms
25ms Stylesheet
text/css 2606:4700:3034::6815:240d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/cache/autoptimize/css/autoptimize_9fb9f0baaf96dddafa7390367f2b4cf7.css

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1749dc80450d7fb15ec9761878619b3f6433aca062b4eb7df9ac73124764bea6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20224689838/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 602931
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 20 Jul 2022 13:30:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"62d8037a-38d6d"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfYOZveHT2wpkhGtgHdguvQcjFG5nj40BtuxJgKVt6UvABDcZRuP1qmvrcl8Wud1nhThvB5SJdZ%2B7ufvQ%2F%2BfHR50h4UAEwLZn9oXCX13z35ZYk3Vj8C%2BASlhIEzXHhX%2F%2BjpOAMSJdzlzUtpP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 75152188be45914d-FRA
expires: Wed, 20 Sep 2023 15:11:12 GMT

GET
H2 200 jquery.min.js Show response
wheregoes.com/wp-includes/js/jquery/ 87 KB
32 KB 23ms
23ms Script
application/javascript 2606:4700:3034::6815:240d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20224689838/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 602931
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sat, 06 Nov 2021 14:20:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61868f23-15db1"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2BIqkIsXjJNWS0GiYFSHxCojmf9d3gQ3v374SDO7%2F%2BHYQW8hgUUhiEgRdguPHlCvwpziVpWrcXb8GuUK8Hze09NLFX1C3JtENvI1pXSv3yYFo2OJvw8jtA9XrwzWyGFy1SeDEbuk7qkmsJzq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 75152188be47914d-FRA
expires: Wed, 20 Sep 2023 15:11:12 GMT

GET
H3 200 script.js Show response
wheregoes.com/js/ 1 KB
1 KB 19ms
19ms Script
application/javascript 2606:4700:3034::6815:240d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/js/script.js

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20224689838/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 925
age: 2391
x-cache: EXPIRED
cdn-cachedat: 09/27/2022 13:39:32
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.0.8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
access-control-allow-origin: *
last-modified: Tue, 27 Sep 2022 14:22:20 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uN3ArzArSq5p0zlrGsWvuUrQ9YDjeD6eEgroIy8nO8VO12b9DpUa7kOFvv7SfLn%2FTqR%2ByW6gtsstzPquwWB19YXPKr%2FITTxEA4KVZf%2BtcOsph9y9%2FOsMibFyWaymocrV2N4KORQvaLKGhYfz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, max-age=14400
permissions-policy: interest-cohort=()
cdn-requestid: 34ff0067d1acc02d0a1d3738b82710e1
cf-ray: 75152188ee9f995a-FRA
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 init-1144pc80p2fur20uadwq.js Show response
api.fouanalytics.com/api/ 460 B
863 B 522ms
188ms Script
text/javascript 172.64.137.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/init-1144pc80p2fur20uadwq.js
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.137.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b27c9e9e9e382b5950bc18470fab9e32c906abe84dddb369b66b8bc23b1d9b87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1CKnpAtAU1xnUKakOLkAFN6xJQSoeJgUxfxz4xzEmwjc%2B2fSE5UNgTtx6%2FxwGITBma%2B5tOpuLcpdmQjXEJZb%2FZ6UdlbBg7nr3AJu2e8YEpPcLjGWWJEOj5MWNj6yyRelfZwyfSN%2BIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7515218b0a6e9b7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET arrow-redirect-wheregoes.svg
wheregoes.com/c/themes/custom-theme/img/ 0
0

GET
H3 200 autoptimize_afb078e1e12f62745e232ef46fe39a0b.js Show response
wheregoes.com/c/cache/autoptimize/js/ 37 KB
13 KB 18ms
17ms Script
application/javascript 2606:4700:3034::6815:240d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/c/cache/autoptimize/js/autoptimize_afb078e1e12f62745e232ef46fe39a0b.js

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e561b725f991c1810c83551c3de0bb2cf15c0020d75ab93cbde33aae3a030f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20224689838/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 603504
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Sep 2022 14:20:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6310bfba-95c1"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kjKEnevHLB5cHbeTosnDHYtbNVjLK7hCvQ3H%2FHcfuZyVZOGtjtSRqNTFLDU0aGEhf9fAeEAE14fpXKGZj1ow%2FHHLx8mSkcbO1WXBsTxSbbxFhMyOvxjt32rtxjCEs9HjSFjK4w48XGBcLjk8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 751521893f31995a-FRA
expires: Wed, 20 Sep 2023 15:11:12 GMT

GET
H3 200 wp-emoji-release.min.js Show response
wheregoes.com/wp-includes/js/ 18 KB
5 KB 28ms
27ms Script
application/javascript 2606:4700:3034::6815:240d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/trace/20224689838/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 603503
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Jul 2022 19:09:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"62d7015d-48b9"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UexdJsPmssCg3FI6b5jM0gmTrv14OrjiuxmQdeCwxX9o37xthfdSdGnibsiCyINxJ3w3LhtJh0hXNmgo8j1w%2FU7RDkB2V3Eo0Pr%2FubU8ypz8utZYqnU%2B79cqu6zC153jkPNVI870sdNEzzXc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 751521893f34995a-FRA
expires: Wed, 20 Sep 2023 15:11:12 GMT

GET
H2 200 wheregoes.js Show response
cdn4.buysellads.net/pub/ 607 KB
207 KB 71ms
7ms Script
application/javascript 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 London, United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5ffe2122efc9f6a427d8cc5feeb327e4619860cca47e6e300ea08b9ba92789ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: gzip
last-modified: Tue, 27 Sep 2022 15:02:46 GMT
server: NetDNA-cache/2.2
x-amz-request-id: X111GNT7FQ7MZXYD
etag: W/"f9f8e7708b5ffa78bcdbe5172426fcde"
x-cache: HIT
content-type: application/javascript
cache-control: max-age=31104000
x-amz-id-2: 1OftkjTdfB4thJb+HL7CVqbTCcFtjurGoyNM0SxhelLLRguEheP1znpuJWxeOebsw+WWRVPeIG8=
expires: Fri, 22 Sep 2023 15:04:18 GMT

GET
H3 200 wheregoes.woff2
wheregoes.com/c/themes/custom-theme/fonts/ 8 KB
8 KB 28ms
27ms Font
font/woff2 2606:4700:3034::6815:240d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://wheregoes.com/c/themes/custom-theme/fonts/wheregoes.woff2?90359859
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_9fb9f0baaf96dddafa7390367f2b4cf7.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b

Request headers

Referer: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_9fb9f0baaf96dddafa7390367f2b4cf7.css
Origin: https://wheregoes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 598962
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8024
last-modified: Fri, 18 Jun 2021 18:52:37 GMT
server: cloudflare
etag: "60cceb75-1f58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvrzFps1jQ6ZFUP0r%2FxD7EUCpoMOJ0UtHixPafPfXXIsci0G7NBBe4tZcSYCX7ggrPQA3AQblssRxSMtygj1GBfojivF9o6c8IAeMVjFfb17MpKFbW%2BIwgrzHNX%2BU6MwZfimHyf64BbLU0Dq"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 751521893f37995a-FRA
expires: Wed, 20 Sep 2023 15:11:12 GMT

POST
H3 202 event Show response
wheregoes.com/api/ 2 B
796 B 295ms
295ms XHR
text/plain 2606:4700:3034::6815:240d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wheregoes.com/api/event

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/js/script.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wheregoes.com/trace/20224689838/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 925
cdn-proxyver: 1.02
cdn-cachedat: 09/27/2022 15:04:18
cdn-pullzone: 682664
application: 10.0.1.2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2
x-request-id: Fxi_5lNwxY5SJ6pUaF-C
server: cloudflare
cdn-requestpullcode: 202
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVkOTE0xRJIEu7S41wO77o6DZmG4NXCdLkcFb8RRDjAhu9dIsRk9uQoIupwBMrvVoxU3Q7fpvMFkiE9DOfQrLCO%2FwXXf5HBD%2F60Bw3TCN8dhc4%2BZDwUHwOp%2BVZgkPGVY9AMOv9YhRdtRJb2K"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: c8aec2535025b2007d23ce93530e6a67
cf-ray: 751521895f95995a-FRA
cdn-requestcountrycode: US
cdn-status: 202
cdn-requestpullsuccess: True

GET
H3 200 logo-h-blue.svg
wheregoes.com/c/themes/custom-theme/img/ 15 KB
6 KB 18ms
17ms Image
image/svg+xml 2606:4700:3034::6815:240d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wheregoes.com/c/themes/custom-theme/img/logo-h-blue.svg

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_9fb9f0baaf96dddafa7390367f2b4cf7.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:240d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/c/cache/autoptimize/css/autoptimize_9fb9f0baaf96dddafa7390367f2b4cf7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 603503
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Sun, 11 Apr 2021 19:20:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"60734be3-3afa"
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9hPbW0gzZyf6ml1jC0TaTZYwMRWFCNaQDh%2FkAW4DdhkFhrjM2ko14KKwn9OA%2FiH6u%2Fp1Rp%2BsMchfp%2FHqRPvYNbsTfV79PkCk1NQhChI%2F4ML3XOjsk2W7dwluPp3SpE3e%2F0Nqt4qF2ZOUL5B"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: max-age=31536000
cf-ray: 751521896fac995a-FRA
expires: Wed, 20 Sep 2023 15:11:12 GMT

GET
H2 200 1f36a.svg
s.w.org/images/core/emoji/14.0.0/svg/ 2 KB
1 KB 30ms
6ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/14.0.0/svg/1f36a.svg

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

88724da3173eaf855fc8b8094480d1d923f69c420107501da8d40b503163bcf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
28 KB 45ms
19ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

294681665f55ec95bc1a8366ea2aed9838d04962581d573a2d3c22a1dee442b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27789
x-xss-protection: 0
server: sffe
etag: "1346 / 577 of 1000 / last-modified: 1664277239"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 27 Sep 2022 15:04:18 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
367 B 205ms
205ms Image
image/gif 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=1.4483874534693557
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 London, United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 3K0NP3ETYC6G778S
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: wI/S6xKF6Tr+tykcVNEg+soMbvl2PafURoEAr3LK9nOU6DUpMzyfCkb1is+GBKgpC80T2sACtiU=
expires: Fri, 22 Sep 2023 15:04:18 GMT

GET
H2 200 acceptable.gif
cdn4.buysellads.net/ 43 B
369 B 204ms
204ms Image
image/gif 94.31.29.32
ZAYO-6461

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=1.4483874534693557
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.32 London, United Kingdom, ASN6461 (ZAYO-6461, US),
Reverse DNS: 94.31.29.32.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
last-modified: Fri, 19 Jul 2019 16:45:51 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 3K0H7WWEMGS88BKY
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: MISS
content-type: image/gif
cache-control: max-age=31104000
accept-ranges: bytes
content-length: 43
x-amz-id-2: /wvlgcek9iQTyKdRzpDP4G0DVe/4OUTCJfH+KXLZm+2AYx1jh3E5X/80F1kJPoZr66jrQpnvT9E=
expires: Fri, 22 Sep 2023 15:04:18 GMT

GET
H2 200 pubads_impl_2022092101.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 86ms
19ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09af6caefeb671f4527e8bf54659bb482eea031fe6899bafc12f149bb14155d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 21:05:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131360
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 08:34:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Sep 2023 21:05:07 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 114 B
727 B 118ms
53ms XHR
application/json 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=wheregoes.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a2a2dbe0fa48f1113ca9405fe31993bdfd0ff541fc001294545f37fb7c03aa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
expires: Tue, 27 Sep 2022 15:04:18 GMT

GET
H2 200 pp.js Show response
api.fouanalytics.com/s/ 15 KB
6 KB 334ms
33ms Script
text/javascript 172.64.137.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/s/pp.js
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.137.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9f3c83892833387d92f857563b6f3cfdee0277cbc648a932a2718e000e9e42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 12 Sep 2022 14:43:36 GMT
server: cloudflare
age: 4714
etag: W/"631f4598-3bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTWc8JyrSkiRhdAT%2FsJnS%2BlxGsxpDOjizTbFb9TVJIEJ03j1xe6R2DmHwSxGp67hNnoZ3Zd2EA23l7HgrvH6A%2Bg39FNmQf5N5UEMzamJqoXJ9kdt5Fsvs1ebFO3fkGpazk%2Fkh%2FaL4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7515218e29c69b7d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 CEAIT5QE.json Show response
srv.buysellads.com/ads/ 930 B
668 B 69ms
20ms Fetch
application/json 68.183.0.10
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://srv.buysellads.com/ads/CEAIT5QE.json?forcebanner=468239&ignoretargeting=yes
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 68.183.0.10 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: srv-eu-nl-12.buysellads.com
Software: //srv.buysellads.com /
Resource Hash: d4a966050e1fa719ab9044aefb00411c3c19add886ea495ab24d52a9e0c40b6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: gzip
server: //srv.buysellads.com
content-length: 555
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
867 B 76ms
35ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 108118
x-amz-request-id: txfc816f651afd42c6b431d-0063316a9c
x-amz-id-2: txfc816f651afd42c6b431d-0063316a9c
last-modified: Mon, 26 Sep 2022 09:01:16 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BeexVpjv6bjVhjD1j0gaFjpzZ%2FsQxqgzdin5McFaQk5bHgQGZV6tRYf%2FZynLcTPSfFOyiniM6LLvNZgJnGJgLTq3tDXlQkYbwtELa9qPuLCIcT4hbiblPnZL600BPul%2FNO0tam1g6oT2JMf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1664182876788516
cf-ray: 7515218d9f8390be-FRA

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
291 B 116ms
66ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280a57d4001b&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: b8c3d13333c24c5bf6a846a59600a550c03d9a032830304756789e2859f28bc6

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wheregoes.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 148ms
98ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 56d6a831ea88ed05bdab82be987d2e38d1382028c210571a89f966e1c50a53dd

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wheregoes.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 159ms
110ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280b8d4d001c&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: bbbb3c423aa395860833f2a5c2eccc3ed3664c33ef1df445ebaf35aca3d5419c

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wheregoes.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 162ms
113ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee2809e73b0016&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 1c73712d068fc38be7337ed82440f7aca4063eeaf8d812814f6310e7d96e7e32

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wheregoes.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 136ms
87ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280b8d4d001c&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 86592bb158c39c7b5065884bfe5601ae7c11fcf21d271e853142756f19cadd27

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wheregoes.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 165ms
117ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a9691a0017c7c276934280be73c001e&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f11d014279b87c7eccfd62edad88a4567de08a46d2caf338cf51b23b489c7d17

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wheregoes.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 143ms
96ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969544017c7c276e6e280b8d4d001c&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: ec86865288fdb93c7796bd6b986c78a626ee87e3624887a60f3c5fbcfbc9fca3

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wheregoes.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 146ms
100ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee280c36f30017&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 07e4f0b5f6e0163f8a8250335476ded300df788560edec377c638b2f703ae12d

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wheregoes.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 144ms
99ms XHR
application/json 35.157.246.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969544017c7c276e6e27f4ecfe0019&pos=8a969d17017c7c2764ee280cdbc80018&cmd=bid&secure=1
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 68b1597693eb99bfa79b38b2bba71c32a63fb49037f882079374f8adff9d8c96

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://wheregoes.com
access-control-allow-credentials: true
content-length: 62

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
645 B 96ms
24ms XHR
application/json 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.10.0
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 1405305a6c7e58b1bcf4d749acdb0e76c8d90bd6c382c12be990132a9af49a7a

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 27 Sep 2022 15:04:18 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://wheregoes.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 353 B
1 KB 182ms
84ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=2&alt_size_ids=55&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20224689838%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&tk_flint=pbjs_lite_v7.10.0&x_source.tid=1eb6bd7c-008d-459c-9243-f3014c485070&l_pb_bid_id=2256908b4dfa8a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Leaderboard_ATF_ROS%23bsa-zone_1641228026595-4_123456&slots=1&rand=0.03156948088213207
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f25edf295a497ff09bf59b6f60213df95e90df9cb56ef3ff3927f57a4fdcfbd3

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:18 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://wheregoes.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 353
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 331 B
1 KB 197ms
96ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20224689838%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&tk_flint=pbjs_lite_v7.10.0&x_source.tid=1e757490-ebdc-4517-a754-b1bafd0fb977&l_pb_bid_id=2319dde8145a35b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sidebar_ROS_Pos1%23bsa-zone_1641228120494-5_123456&slots=1&rand=0.6503000058834318
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 426a9888991b5a6c8c5ce1838871925ccb2ce4d38f3c278042cddb195a40fe81

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:18 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://wheregoes.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 331
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 363 B
1 KB 258ms
127ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&alt_size_ids=2%2C16&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20224689838%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Leaderboard_InContent_BTF_ROS%23bsa-zone_1641318314037-7_123456&tk_flint=pbjs_lite_v7.10.0&x_source.tid=fcdb7dad-09ca-4206-ba22-f5df20408d5f&l_pb_bid_id=247263587a5c39&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Leaderboard_InContent_BTF_ROS%23bsa-zone_1641318314037-7_123456&slots=1&rand=0.1092999827044574
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 53084d7d06040355fa4d9cff83de12d2026e541894202efefb0d555dbfcc5157

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://wheregoes.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 363
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 362 B
1 KB 222ms
89ms XHR
application/json 2602:803:c003:200::21
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=405332&zone_id=2271886&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!buysellads.com,15074,1,,,&rf=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20224689838%2F&tg_i.pbadslot=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&tk_flint=pbjs_lite_v7.10.0&x_source.tid=d1d6d9e5-7ab9-4ca4-ae4a-229f8adf80a5&l_pb_bid_id=25afca0388e90c4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F8691100%2FWheregoes_S2S_Sticky_Sidebar_ROS_Pos2%23bsa-zone_1641318529900-6_123456&slots=1&rand=0.9495327838627687
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c40cb59c20c73b6b77ed85f2693ebafb9aab3dab9be07e23f29827aa570e7991

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:19 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://wheregoes.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 362
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
311 B 81ms
41ms XHR
application/json 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.10.0&cb=52100341652&lsavail=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wheregoes.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 44

POST
H2 200 prebid Show response
mp.4dex.io/ 114 B
495 B 204ms
147ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95c0afe9d236bd88c9e46dd9920becccce31cf9ad471b856ca511913e18ac5b2

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 7515218dfa9d9ba1-FRA
pragma: no-cache
date: Tue, 27 Sep 2022 15:04:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wheregoes.com
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
x-err: Shapings: no adunits with size and seat and mapping

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 472 B
1 KB 64ms
27ms XHR
application/json 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a2433b2c0c0a8a3a433701b4d3371219f2fae6790a9ff1187a55f525a24f3d31

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:18 GMT
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e5f11174-4ee0-4193-a195-f25e7abf8436
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://wheregoes.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 472
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
360 B 45ms
10ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://wheregoes.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 400 display Show response
mantodea.mantisadnetwork.com/prebid/ 56 B
331 B 383ms
161ms XHR
text/html 52.6.206.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1664291058821&secure=true&version=9&title=Trace%20Results%20%7C%20WhereGoes&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20224689838%2F&measurable=true&bids[0][bidId]=47e5329b076f2ef&bids[0][config][property]=WhereGoes&bids[0][config][zone]=Wheregoes_S2S_Leaderboard_ATF_ROS&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[1][bidId]=489afd30420c82f&bids[1][config][property]=WhereGoes&bids[1][config][zone]=Wheregoes_S2S_Sidebar_ROS_Pos1&bids[1][sizes][0][width]=300&bids[1][sizes][0][height]=250&bids[2][bidId]=49b86b458f49a21&bids[2][config][property]=WhereGoes&bids[2][config][zone]=Wheregoes_S2S_Leaderboard_InContent_BTF_ROS&bids[2][sizes][0][width]=728&bids[2][sizes][0][height]=90&bids[2][sizes][1][width]=300&bids[2][sizes][1][height]=250&bids[2][sizes][2][width]=336&bids[2][sizes][2][height]=280&bids[3][bidId]=5019deb67691a5b&bids[3][config][property]=WhereGoes&bids[3][config][zone]=Wheregoes_S2S_Sticky_Sidebar_ROS_Pos2&bids[3][sizes][0][width]=300&bids[3][sizes][0][height]=250&bids[3][sizes][1][width]=120&bids[3][sizes][1][height]=600&bids[3][sizes][2][width]=160&bids[3][sizes][2][height]=600&bids[3][sizes][3][width]=300&bids[3][sizes][3][height]=600&property=WhereGoes&foo
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.206.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-206-12.compute-1.amazonaws.com
Software: / Express
Resource Hash: 5352720a5ffb778e42dbb1d4b81c975c02018dd660e1fe9c430cbf13dba78762

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:19 GMT
x-powered-by: Express
etag: W/"38-oN4RNSEETikJBvZER0pAAAEOHrw"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://wheregoes.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 56
expires: -1

POST
H2 200 adreq Show response
ads.servenobid.com/ 755 B
709 B 209ms
116ms XHR
application/json 34.253.177.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=1818
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6bfde5b839e39982ea64aee37f30c596b7424190f801ef459f2b2c6085d407bd

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 15:04:19 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://wheregoes.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 2 KB
808 B 125ms
58ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20224689838%2F

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

40b7269fb48372252e877fa66046d0b581be9df67f97057d3887a8b951fbe8a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-upstream-service-time: 33
vary: Accept-Encoding
content-length: 455
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
906 B 381ms
339ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 13324fd7d55ac3c545051632411a5bd4871a79127c2bdb62f6489773e1f496fd

Request headers

Referer: https://wheregoes.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:19 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 adagio.js Show response
script.4dex.io/ 73 KB
23 KB 57ms
34ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8055949c765c65e219aec8e387c224544044c6e38dff199de1c52d8a219addfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:18 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 107689
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txfd9befee918a4b13a04ed-0063316aae
x-amz-id-2: txfd9befee918a4b13a04ed-0063316aae
last-modified: Mon, 26 Sep 2022 09:01:16 GMT
server: cloudflare
etag: W/"def38d7482d5ca96063df889ba7bcc30"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZZhdHPSw4XomZg8MngtqdcAcJZ8yNABEtU%2BCkC%2BWDaF%2F0aXRNhkQYzcQrpYgvbKl9f7svlgJZLFIRLt7gz4S3jbVirlAyfQNAKe3IA7%2Fu%2B2o5w0kaiYyAz1myWR5fKU87bX6w2jyZCtSPQi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1664182876082916
cf-ray: 7515218e0b949b82-FRA
access-control-allow-headers: Authorization

GET
DATA 200
OK truncated
/ 15 KB
15 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c72f57881ea9665da29cc614802f61a04084e06b14de9f1d79ce26273e66a991

Request headers

Referer
Origin: https://wheregoes.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

POST
H2 200 x Show response
api.fouanalytics.com/api/ 0
449 B 830ms
209ms XHR
text/plain 172.64.137.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.fouanalytics.com/api/x?EqXrdAJ5osXJLFOt$dXJsJDAkaHR0cHM6Ly93aGVyZWdvZXMuY29tL3RyYWNlLzIwMjI0Njg5ODM4LyIsInJlZmVycmVyJDAkIiwiYW5jZXN0b3JPcmlnaW5zJDAkIiwidmlkZW8kMCQxNjAweDEyMDB4MjQiLCJmcmFtZSQwJDAiLCJoaWRkZW4kMCQwIiwidmlzaWJpbGl0eVN0YXRlJDAkdmlzaWJsZSIsImhhc0ZvY3VzJDAkMSIsIndpbmRvdyQwJDE2MDB4MTIwMCIsInBpeGVscmF0aW8kMCQxIiwiaW5uZXIkMCQxNjAweDEyMDAiLCJvdXRlciQwJDE2MDB4MTIwMCIsImxvY2FsU3RvcmFnZSQxJDEiLCJzZXNzaW9uU3RvcmFnZSQxJDEiLCJhcHBDb2RlTmFtZSQxJE1vemlsbGEiLCJhcHBOYW1lJDEkTmV0c2NhcGUiLCJhcHBWZXJzaW9uJDEkNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDUuMC41MTk1LjEyNSBTYWZhcmkvNTM3LjM2IiwiY29va2llRW5hYmxlZCQxJHRydWUiLCJkZXZpY2VNZW1vcnkkMSQ4IiwiZG9Ob3RUcmFjayQxJCIsImhhcmR3YXJlQ29uY3VycmVuY3kkMSQ0IiwibGFuZ3VhZ2UkMSRlbi1VUyIsInBsYXRmb3JtJDEkV2luMzIiLCJwcm9kdWN0JDEkR2Vja28iLCJwcm9kdWN0U3ViJDEkMjAwMzAxMDciLCJ1c2VyQWdlbnQkMSRNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA1LjAuNTE5NS4xMjUgU2FmYXJpLzUzNy4zNiIsInZlbmRvciQxJEdvb2dsZSBJbmMuIiwidmVuZG9yU3ViJDEkIiwid2ViZHJpdmVyJDEkZmFsc2UiLCJuYXZpZ2F0b3ItaGFzaCQ0JDRjNmIxZmExIiwibmF2aWdhdG9yLXRpbWUkNCQyLjgiLCJzZW5kQmVhY29uJDQkMSIsImZvbnRyZW5kZXIkNSQxIiwidGltZSQ1JDE2NjQyOTEwNTg5MzciLCJ0aW1lem9uZSQ1JDAiLCJwbHVnaW5zLXRpbWUkNSQwIiwicGx1Z2lucyQ1JGI2ZDA1NTU4IiwibWVtLXRvdGFsSlNIZWFwU2l6ZSQ1JDE0LjMiLCJtZW0tdXNlZEpTSGVhcFNpemUkNSQxMC42IiwibWVtLWpzSGVhcFNpemVMaW1pdCQ1JDM3NjAiLCJ0aW1lLWRvbWFpbkxvb2t1cFN0YXJ0JDUkMSIsInRpbWUtZG9tYWluTG9va3VwRW5kJDUkMjAiLCJ0aW1lLWNvbm5lY3RTdGFydCQ1JDIwIiwidGltZS1jb25uZWN0RW5kJDUkNTAiLCJ0aW1lLXNlY3VyZUNvbm5lY3Rpb25TdGFydCQ1JDI3IiwidGltZS1yZXF1ZXN0U3RhcnQkNSQ1MCIsInRpbWUtcmVzcG9uc2VTdGFydCQ1JDkwNTYiLCJ0aW1lLXJlc3BvbnNlRW5kJDUkOTA1NyIsInRpbWUtZG9tTG9hZGluZyQ1JDkwNTgiLCJ0aW1lLWRvbUludGVyYWN0aXZlJDUkOTE2NSIsInRpbWUtZG9tQ29udGVudExvYWRlZEV2ZW50U3RhcnQkNSQ5MTgyIiwidGltZS1kb21Db250ZW50TG9hZGVkRXZlbnRFbmQkNSQ5MTgyIiwibmF2aWdhdGlvbi1yZWRpcmVjdENvdW50JDUkMCIsIm5hdmlnYXRpb24tdHlwZSQ1JG5hdmlnYXRlIiwiZ2xvYmFscy10aW1lJDI0JDEiLCJnbG9iYWxzJDI1JDUxNTlmNzNjIiwiZG9jdW1lbnQtdGltZSQzMyQwLjUiLCJkb2N1bWVudCQzMyQ3OTU5NjA3YSIsImNvbm5lY3Rpb24kMzMkIiwiZG93bmxpbmtNYXgkMzMkIiwiZ2V0VXNlck1lZGlhJDM0JDIiLCJwYWdlLWZyYW1lLWNvdW50JDM0JDAiLCJwYWdlLWhhc2gtdGltZSQzNSQxLjEiLCJwYWdlLWhhc2gkMzUkMmM2ZDcyZGEiLCJmb250JDU2JDEwMDAwMDAiLCJzdHlsZS1oYXNoJDU3JGY0ZGVkMTVjIiwic3R5bGUtdGltZSQ1NyQwLjgiLCJhdWRpby1jb2RlYyQ1OCQyMjIxMiIsInZpZGVvLWNvZGVjJDU4JDIyMjAwMCIsImNsb2NrJDY3JDUzMTYiLCJzb3J0JDgwJDEyLjciLCJzdGFjayQ4MSQxMzk1NSIsInN0YWNrLWVycm9yJDgxJFJhbmdlRXJyb3I6IE1heGltdW0gY2FsbCBzdGFjayBzaXplIGV4Y2VlZGVkIiwic3RhY2stdGltZSQ4MSQxLjQiLCJ3ZWJnbCQxMTckMSIsIndlYmdsMiQxMTckMSIsIndlYmdsLXZlbmRvciQxMTckSW50ZWwgSW5jLiIsIndlYmdsLXJlbmRlcmVyJDExNyRJbnRlbCBJcmlzIE9wZW5HTCBFbmdpbmUiLCJ3ZWJnbC1leHRlbnNpb25zJDExNyQ0NDk1Mzk2NSIsIndlYmdsLXRpbWUkMTE3JDM1LjkiLCJiYXR0ZXJ5JDEyMyQxIDEgMCBJbmZpbml0eSIsInBlcm1pc3Npb24tZ2VvbG9jYXRpb24kMTI0JHByb21wdCIsImF1ZGlvY29udGV4dCQxMjckZjdlNzEyZDkiLCJhdWRpb2NvbnRleHQtdGltZSQxMjckNjQuNyIsImludGVyc2VjdGlvbi1zaXplJDEzMyQxNjAweDEyMDAiLCJpbnRlcnNlY3Rpb24tZW50ZXIkMTMzJDB4MCAxNjAweDEyMDAiLCJpbnRlcnNlY3Rpb24kMTMzJDUzIiwicGVybWlzc2lvbi1ub3RpZmljYXRpb25zJDEzNCRwcm9tcHQiLCJwZXJtaXNzaW9uLWNhbWVyYSQxMzQkcHJvbXB0IiwicGVybWlzc2lvbi1taWNyb3Bob25lJDEzNCRwcm9tcHQiLCJwZXJtaXNzaW9uLXBlcnNpc3RlbnQtc3RvcmFnZSQxMzQkcHJvbXB0IiwiYWRibG9jayQxNTgkMCIsImZyYW1lcmF0ZSQxNTkkNTA~
Requested by: Host: api.fouanalytics.com
URL: https://api.fouanalytics.com/s/pp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.137.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: *
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoAcIBWks8eVipxJI9PEEFWvEIHrz1PZtOyvCpMwusvjhpQLjGu2LoYjc7ee69FDpwr%2FEL2cJzs7wGqlM%2FtGGd0snczYSSMhSlKtGbwVmf5cdwjdCHflNZtT8cKUcnDsGaOrJ%2BX%2FPA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 751521940ff99b69-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 49ms
20ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=wheregoes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 15:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 49ms
21ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wheregoes.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 15:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 138 KB
27 KB 192ms
137ms XHR
text/plain 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1476475321216959&correlator=3579772913949701&eid=31069793%2C44761477&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fifs&iu_parts=8691100%2CWheregoes_S2S_Leaderboard_ATF_ROS%2CWheregoes_S2S_Sidebar_ROS_Pos1%2CWheregoes_S2S_Leaderboard_InContent_BTF_ROS%2CWheregoes_S2S_Sticky_Sidebar_ROS_Pos2&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x90%2C300x250%2C320x50%7C728x90%7C300x250%7C336x280%2C300x250%7C120x600%7C160x600%7C300x600&fluid=0%2C0%2Cheight%2C0&ifi=1&adks=1696759606%2C2861055222%2C3878002045%2C3809685794&sfv=1-0-38&fsapi=false&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1641228026595-4_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1641228120494-5_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1641318314037-7_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0%7Coptimize_ad_unit_id%3Dbsa-zone_1641318529900-6_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Dtech%26optimize_env%3Dprod%26optimize_pub%3Dwheregoes%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1664291059245&lmt=1664291059&dlt=1664291058028&idt=421&adxs=436%2C1091%2C276%2C1091&adys=474%2C666%2C1413%2C950&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20224689838%2F&frm=20&vis=1&psz=1182x1456%7C300x996%7C862x1064%7C300x996&msz=1182x90%7C300x250%7C862x250%7C300x600&fws=516%2C0%2C0%2C0&ohw=1182%2C0%2C0%2C0&ga_vid=170823038.1664291059&ga_sid=1664291059&ga_hid=1838789696&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1cd800048d2f608904ca924fab770a46b85cca67de12f3795c01a4c64115df9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:19 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27729
x-xss-protection: 0
google-lineitem-id: 5324395187,5324395187,5320060794,5320060794
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138300097396,138305874807,138305491763,138305458998
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://wheregoes.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CD52 6 KB
4 KB 79ms
21ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 15:04:19 GMT
expires: Wed, 27 Sep 2023 15:04:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DA03 0
0 57ms
56ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKn9qm3nMDiQ8ypvW4JRVJT0EFe2Bv6wBOxi8jCldnGt0ourkkrZi2pEdIVq88iT7yEklmQbfI7NpyOdoZg7kle9ut0Wgh45YGPWJ7BXQgGevIxc2DMkg-9PTvR-67KAeSqCW2oTOwL5AMXjCDFxAXh3gOiPuHL7BppN6GEPxExd90X5BnuLvKAEWlNTpZnavuRelMGySIlKg5_6m69-hDa7WwLLqzLGRTW9Cbzc7Bi_jmIB9600y-d5XmHNyc8ssIgl3Cf6KTxGWFwP9eA86yaeIhHyDFx7JXWwzlxEi2rLnnDHmaiJFBIjriPT_b5C9H9Fl7R0mu7tGHIvsnO7EgrC8Z&sai=AMfl-YSn8Ry0XY-ZvZbTHj-18_U53XAHSBMCtXeu1KBhow5f6eTmHI9DJkc3QHWlhEVyRHmuHBgqZEaNMcz_2ZccPSQiWYf4NvDdN4Q5XkXohatd-jGvBTb6nu8LxFyMHZwFSw&sig=Cg0ArKJSzIvAvo-SPLf4EAE&uach_m=[UACH]&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 15:04:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 27 Sep 2022 15:04:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame DA03 23 KB
10 KB 43ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 15:00:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame DA03 3 KB
1 KB 47ms
12ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:55:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DA03 0
0 57ms
17ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwI4OyOnuyPWHp-Wbdna15eaYAaiSfpdvSYiOTvG7BaSikjYjkWrMjoDV-iHctFFNCO3IgbE4NgZbLkwnnRqMLgpDT8g
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA03 140 KB
44 KB 48ms
25ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 15:04:19 GMT

GET
H2 200 4447392495423479322
tpc.googlesyndication.com/simgad/ Frame DA03 27 KB
28 KB 49ms
15ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4447392495423479322

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96aed84f370995dedd8b2f5bd0478bf2ec64dd23215fb38ce31c87f828a82fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 12:49:03 GMT
x-content-type-options: nosniff
age: 8116
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28122
x-xss-protection: 0
last-modified: Tue, 07 Jan 2020 16:27:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 27 Sep 2023 12:49:03 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5FFE 0
0 56ms
55ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvvdEuz7A_Tb6jVJEUJ1SiS7g1uUt5yfQlVIzZH3q78fvw8IBg_fLlFp5m_Qfuk3GNp2SX42d1zWyqzJ4fNzEGApg-Y3xLirgQrRBzCv4WntSKyW3KoaaGCHx89RlhUVVseqw9G97FYhrY-ZzUixDQJ_lC9oum6mr7v4kXCpkCZcShhLrBXsXIheFPJRhM2NpEk62PpWPHbkgojvypqyHrK0P-unW43kVqPxkG5JV4KPN-1NqpnJIY5ycHtAbW1f7T0m02bBa40IBwncAHcONtmaD_hVSdclAfJbglNDNP_2mdsjK07Jy7wt9goY0GRpldeaaVL9_mAJG4Q0Ppl6LTz&sai=AMfl-YTlzMvQLk45qRW6J33-Tb5y2UFMZRuQsPH6RGX4SWnLUaQUNNnAaP5SbgXTkfNTxZqcCQrRUmkaE1YnywXQdkNJile8KgXEQ91TEalUaX3P3D7AlyEuqJyQ-xy9aol9cA&sig=Cg0ArKJSzP-yZOKhnABkEAE&uach_m=[UACH]&adurl=

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 15:04:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 27 Sep 2022 15:04:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame 5FFE 23 KB
9 KB 29ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 15:00:35 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 5FFE 3 KB
1 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 14:55:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Oct 2022 14:55:56 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5FFE 0
0 41ms
17ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSqczdEjz5H0JzE5EyvXmFGbkBFoBxmpXxYS-dHnROmDr0Xlkef4k4B_v6UaGZCibpyzE8McF1h3tVSH1HY819vQv7cjA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FFE 140 KB
44 KB 46ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 15:04:19 GMT

GET
H2 200 9435140927320421974
tpc.googlesyndication.com/simgad/ Frame 5FFE 92 KB
92 KB 38ms
19ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9435140927320421974

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de8279221cec92147e41e962754da2e9667fe862dc94f192566fa7bec3d11f11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 12:06:58 GMT
x-content-type-options: nosniff
age: 10641
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93765
x-xss-protection: 0
last-modified: Tue, 10 Mar 2020 20:30:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 27 Sep 2023 12:06:58 GMT

GET
H3 200 container.html Show response
a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9566 6 KB
3 KB 29ms
10ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 15:04:19 GMT
expires: Wed, 27 Sep 2023 15:04:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D2C4 6 KB
3 KB 22ms
10ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069793

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 15:04:19 GMT
expires: Wed, 27 Sep 2023 15:04:19 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DA03 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c8fbe682cbc379679594e07cbd1e6b7f8ff88901ba51e0275f8d92deec033a5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5FFE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc3d76655ffb4192823c1dcbce6530a9a0aee2a146f147b80c42ea8b0eda15a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DA03 0
0 99ms
54ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtnX7Ed8l0SaBtvNZsR9-hKcwGWWAvySuYtaT86RK_K6Gd8HaocJflYWRzQ8SovT9N12I_cdwF-xLN_UVKo0HhF4SMTJz4qC1JeIKUDytUy2XDkoCnUN9oS0IuvsfCwNFtgWmTELf14pDcB0P7blskE-p53oE0snXTeNedKHUem8DSbi9camKv8pxWBxeGk7YsIX2r88RoIn7fbicVFeeUZLO7YqbbHRHP1bNRsrwwxBnQEJ5mkumW4bsNXFgJdEG_HIkpSCymP4qIIFasHe6tfrrBL9MCqcsEms0kaLD8DjfLQTkrixPlef5YAStPE-_7yIJoAf-dqkIQcbiTZJj79VeMaHo&sai=AMfl-YR6-Nj15JBOcXsijtqsiY7TXOAswvyY3BUx3yKo1d8LZiHb6rUulpv-SjbrjVmLFtFDKAcu8TNKkQXlv1f9eWfVdHGRGvBxGq2Hu91aIzuBeF1fn2i5bSHuMAmsd-94ZQ&sig=Cg0ArKJSzEfCIUFvGM3AEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 15:04:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 27 Sep 2022 15:04:19 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9566 22 KB
7 KB 136ms
8ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com
URL: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:33:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 26 Sep 2023 18:33:52 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame 9566
Redirect Chain

https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=1923887614&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuSg_R_6DX6JgFqOQ6OXozV2LaBeHlZDXibtgG8XFt2fxo67qZ8Nl3R_ALIc...
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D728x90%26cb%3D1923887614%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjsuSg_R_6DX6JgFqOQ6OX...

8 KB
4 KB

15ms
14ms

Script
application/javascript

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D728x90%26cb%3D1923887614%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjsuSg_R_6DX6JgFqOQ6OXozV2LaBeHlZDXibtgG8XFt2fxo67qZ8Nl3R_ALIcPm2JPgIJergz4GjRdGDuDLVubH85mAsFXoMAzkPvBXgC6_WbzUYY4Z4TdcUfUm4EUwnvZCfwogAGR0ijBJtXToQ9EFQQHnoN8QjM-_rRO6Y-QewJd3Tkvr3CQtpehfrKjLwgcU43-z-CeSTMc9C12FMFiR7vct6yCdrCGIbFZ49b7NXIU_l4oUfTR91damf-4j0qzd-ZNK6WzZQnJ5Rz4tLzOTcs_hOYOu8M5gPkbp4oN2SPVT4ZX4thv96v9IzZo_Gb5m9KcYNcKp64_UF1XRCmG1Y15Z6fv_qoHVbXQ%252526sai%25253DAMfl-YTbkAqH4wuvYdZhFvBqFP-v9Hybne6NlmkJHSjtf3rf1WAxqdvltWEt9KKvUFOuZDtOqngbbnRbhmrZcB3SqLNdMLI__htisTP9t_RtX5GtrOy5ZpgyYTuhxhySUOhhdw%252526sig%25253DCg0ArKJSzGckQcA7tirHEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D

Requested by

Host: a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com
URL: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

09f2fc735c9d8dcf3442e6e630b5827b0e8232fe612e7e78062e5d68d54013c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 15:04:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 93cdc5cd-579a-47f9-a8e0-6539a82f9928
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:19 GMT
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2af3caf6-e814-4c42-8896-84626df36114
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D728x90%26cb%3D1923887614%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjsuSg_R_6DX6JgFqOQ6OXozV2LaBeHlZDXibtgG8XFt2fxo67qZ8Nl3R_ALIcPm2JPgIJergz4GjRdGDuDLVubH85mAsFXoMAzkPvBXgC6_WbzUYY4Z4TdcUfUm4EUwnvZCfwogAGR0ijBJtXToQ9EFQQHnoN8QjM-_rRO6Y-QewJd3Tkvr3CQtpehfrKjLwgcU43-z-CeSTMc9C12FMFiR7vct6yCdrCGIbFZ49b7NXIU_l4oUfTR91damf-4j0qzd-ZNK6WzZQnJ5Rz4tLzOTcs_hOYOu8M5gPkbp4oN2SPVT4ZX4thv96v9IzZo_Gb5m9KcYNcKp64_UF1XRCmG1Y15Z6fv_qoHVbXQ%252526sai%25253DAMfl-YTbkAqH4wuvYdZhFvBqFP-v9Hybne6NlmkJHSjtf3rf1WAxqdvltWEt9KKvUFOuZDtOqngbbnRbhmrZcB3SqLNdMLI__htisTP9t_RtX5GtrOy5ZpgyYTuhxhySUOhhdw%252526sig%25253DCg0ArKJSzGckQcA7tirHEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9566 140 KB
44 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com
URL: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 15:04:19 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D2C4 22 KB
7 KB 132ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com
URL: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:33:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 26 Sep 2023 18:33:52 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/ Frame D2C4
Redirect Chain

https://secure.adnxs.com/ttj?id=18678115&size=120x600&cb=1578479966&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsu9HRb2r_mmfYujt-k7mDjFZiB6w1AN4oswtiTwZCbZkym4rHcHcMzocH8N...
https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D120x600%26cb%3D1578479966%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjsu9HRb2r_mmfYujt-k7...

8 KB
4 KB

36ms
35ms

Script
application/javascript

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D120x600%26cb%3D1578479966%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjsu9HRb2r_mmfYujt-k7mDjFZiB6w1AN4oswtiTwZCbZkym4rHcHcMzocH8NkrDSf6VO9-5zu4h_J15Llh4AxGMBnlI1NAfGp_SwH0wPH8aGz_iI0ZmFfaHuS4_lqcblSttxGUIiaf0kB9YrGXtic2Uw3LdLQKCjdJ3iEGUWon_JYVLMyqXBAghLO-IP0xru8nDvKH65eX35DVJ5xYNJfrr7tSvIYZNmAIrLI9OW1ZLFRTzJVwDxSsUcXNbECZD1TB2TZDZowYK0XHn1khk1K-7AlDhwzSgX3RL7lwarSPLTeWzXsn5A_Xn6bWiQs_viCCtEQuIov7QEC1yfeIT5P02L8gPqAQ%252526sai%25253DAMfl-YQ3y06Lp4hDWICQWBX78vb1GFSADRULzI3XHIwwmgWV2ircclp8L7QBa30RE1-XRXYzBw0ydO2PlKulHD0kr3vfiWJ4gyQXg37o0dlvAL1HXAKgbw2UTPR4Y5sGrsWhBA%252526sig%25253DCg0ArKJSzL96_wXQxIEyEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D

Requested by

Host: a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com
URL: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

146ffb8e805c3851384b42f4174318250f1eb240aba4ab52308944db5c8a626a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 15:04:19 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 726776d9-6dcc-4177-8916-aab29f5e036e
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:19 GMT
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: f8110655-21d8-4925-a20b-564c3ca29c66
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fttj%3Fid%3D18678115%26size%3D120x600%26cb%3D1578479966%26pubclick%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%25253Fxai%25253DAKAOjsu9HRb2r_mmfYujt-k7mDjFZiB6w1AN4oswtiTwZCbZkym4rHcHcMzocH8NkrDSf6VO9-5zu4h_J15Llh4AxGMBnlI1NAfGp_SwH0wPH8aGz_iI0ZmFfaHuS4_lqcblSttxGUIiaf0kB9YrGXtic2Uw3LdLQKCjdJ3iEGUWon_JYVLMyqXBAghLO-IP0xru8nDvKH65eX35DVJ5xYNJfrr7tSvIYZNmAIrLI9OW1ZLFRTzJVwDxSsUcXNbECZD1TB2TZDZowYK0XHn1khk1K-7AlDhwzSgX3RL7lwarSPLTeWzXsn5A_Xn6bWiQs_viCCtEQuIov7QEC1yfeIT5P02L8gPqAQ%252526sai%25253DAMfl-YQ3y06Lp4hDWICQWBX78vb1GFSADRULzI3XHIwwmgWV2ircclp8L7QBa30RE1-XRXYzBw0ydO2PlKulHD0kr3vfiWJ4gyQXg37o0dlvAL1HXAKgbw2UTPR4Y5sGrsWhBA%252526sig%25253DCg0ArKJSzL96_wXQxIEyEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D2C4 140 KB
44 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com
URL: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Sep 2022 15:04:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5FFE 0
0 73ms
57ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_gIZKpA8XlPmSL2NiG0Ehg0x4sBPUh0izJ2u0SMKWcPY_DV1mW7FpJQOH7dbKuEEF_pfoGuYZe1VjZ4UMCaZFDTmpeX4xV2b46LIdNH4BrwkyDk62EF5JBpzl9brWXvPUlBNkpfZVRF9rvNhRLnxSC-1NRFL0vEndy0kQ-AesNyWhr65g1Xe0TvGGenF3CvlnEESnBR1wXBzpspAYojHp69KPYmfmELLXUfzyvGruB4ai2BHuzjXFiWFWb7a47hyqFmi7x0KhSjpwJ9OogyfbZxoH1oHKrZ7iLyl3262wNnsr7-q055_wh2Yky0mFP1L8_yAKqptFLAezvNV_hD_NJGw&sai=AMfl-YSitaZ1VFazF-4OGfNEUHSeoSe78LJ4co-caj76LTf7DVjxxnm776IufbIBqabVp2N2SzvN-PRmDNw1SB8h5HX_sB-UiREJ12Wu-5syth44lyA17f5T745ff3G81Q1gAQ&sig=Cg0ArKJSzCFVtD7d99S2EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 15:04:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 27 Sep 2022 15:04:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9566 0
0 60ms
59ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstQmoxKUHfcjzkLbtxo50Bv7Ac8lngr5URpziEzPsuTFMJZ33_rnXn5yxMF-OQCU7AFbjAT9icnZIdiSS1M4KOac1wJ569lvPIrKGkP5K3B1aufOQW3CNFbILcq4F3xBBeGralOhfkfbqm4Yp0HO4s4ey54IA1ES36cXRQAMNRmxc5MkGoV61pY02xteXLNAWQZCX-o8gLu2HgYaWEFRWm25-RscNasTNkd6tWFz1x0bvgwjxh0Aik4Ug5Tf3qic1vDDRSxMM35TCjbISO6_prNpcVfOTLjbMhx9PWQsYPqB7uBi7gvCQ3oWy1kWKVFENghi-Xbg4f9pofVgm5INOJWXfHROHUDxykEPObZYg&sai=AMfl-YQ_-CEq_krndeCOEDx6mggxfw5WCps2OMpBeGmlOVc59Ln70AxQLAR8vs2ZLxKcUCMb6NTbcVBLAJZXCawiP5y-ibhoYjDbqEvVGWuEJD77kKprQ52fyAJ9jARAGttEvw&sig=Cg0ArKJSzCUgVCthlZYgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com
URL: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 15:04:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D2C4 0
0 58ms
58ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVJ2AiYm_D1V8qeqTf43lhNsFZtzRAk58WtWHmZ3W3yfoLYEE6cGzK-GBK3TPpFtM2MEtLnJaUqJWF6EDhMVlOe574cly3JF_lT6l_aYJ5hV-Ad_4HBq35fo-8Jz0k_cuUNjkH-UwEz7e_XfJQHn_Xn-a39GXYLOeKSUPF_nBN1D2fr1gCpUnxiK3LNdx_lFeMH24lQwyO_GQWTp9hY93peTjVtn8cbPH-qEcb-uCsaTK1IDed7QOifNgZbvaWqUCGtKPLLa5eVmHenBaUT8A48VT7DgpuLMP_pimkqvTYxaBFRQumwDEhYI4nd1qETw3CryBDdsHvK5beKZthGMvUmXE8fyAgpg&sai=AMfl-YRTqYth9ZPxlgclA5pbSRO9EuRuoZTcGkWaZgKnzeJP9JZd4BlHynWJACpMQPvsmoXgEg8moUGwCRwShyuo5ICQBDaDB9RMXAu-As6iYQ3WY-IDVaf0XKac4Tr9EMx4Kw&sig=Cg0ArKJSzLd4omtpzYk6EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com
URL: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 15:04:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sync Show response
gum.criteo.com/ Frame 9566 51 B
293 B 52ms
17ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a

Requested by

Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=728x90&cb=1923887614&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsuSg_R_6DX6JgFqOQ6OXozV2LaBeHlZDXibtgG8XFt2fxo67qZ8Nl3R_ALIcPm2JPgIJergz4GjRdGDuDLVubH85mAsFXoMAzkPvBXgC6_WbzUYY4Z4TdcUfUm4EUwnvZCfwogAGR0ijBJtXToQ9EFQQHnoN8QjM-_rRO6Y-QewJd3Tkvr3CQtpehfrKjLwgcU43-z-CeSTMc9C12FMFiR7vct6yCdrCGIbFZ49b7NXIU_l4oUfTR91damf-4j0qzd-ZNK6WzZQnJ5Rz4tLzOTcs_hOYOu8M5gPkbp4oN2SPVT4ZX4thv96v9IzZo_Gb5m9KcYNcKp64_UF1XRCmG1Y15Z6fv_qoHVbXQ%2526sai%253DAMfl-YTbkAqH4wuvYdZhFvBqFP-v9Hybne6NlmkJHSjtf3rf1WAxqdvltWEt9KKvUFOuZDtOqngbbnRbhmrZcB3SqLNdMLI__htisTP9t_RtX5GtrOy5ZpgyYTuhxhySUOhhdw%2526sig%253DCg0ArKJSzGckQcA7tirHEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:19 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 608249
strict-transport-security: max-age=31536000; preload;
expires: 60

GET
H/1.1 200
OK ttj Show response
secure.adnxs.com/ Frame 9566 0
809 B 32ms
32ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ttj?ttjb=1&bdc=1664291059&bdh=q7PVwMkWtPhI18aqQ9rqKJwZyso.&&bdref=https%3A%2F%2Fwheregoes.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwheregoes.com%2F,https%3A%2F%2Fa35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=728x90&cb=1923887614&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsuSg_R_6DX6JgFqOQ6OXozV2LaBeHlZDXibtgG8XFt2fxo67qZ8Nl3R_ALIcPm2JPgIJergz4GjRdGDuDLVubH85mAsFXoMAzkPvBXgC6_WbzUYY4Z4TdcUfUm4EUwnvZCfwogAGR0ijBJtXToQ9EFQQHnoN8QjM-_rRO6Y-QewJd3Tkvr3CQtpehfrKjLwgcU43-z-CeSTMc9C12FMFiR7vct6yCdrCGIbFZ49b7NXIU_l4oUfTR91damf-4j0qzd-ZNK6WzZQnJ5Rz4tLzOTcs_hOYOu8M5gPkbp4oN2SPVT4ZX4thv96v9IzZo_Gb5m9KcYNcKp64_UF1XRCmG1Y15Z6fv_qoHVbXQ%2526sai%253DAMfl-YTbkAqH4wuvYdZhFvBqFP-v9Hybne6NlmkJHSjtf3rf1WAxqdvltWEt9KKvUFOuZDtOqngbbnRbhmrZcB3SqLNdMLI__htisTP9t_RtX5GtrOy5ZpgyYTuhxhySUOhhdw%2526sig%253DCg0ArKJSzGckQcA7tirHEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:19 GMT
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: d50bccc8-96b3-49dd-add3-76489a8284f8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame D2C4 51 B
292 B 31ms
18ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a

Requested by

Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=120x600&cb=1578479966&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsu9HRb2r_mmfYujt-k7mDjFZiB6w1AN4oswtiTwZCbZkym4rHcHcMzocH8NkrDSf6VO9-5zu4h_J15Llh4AxGMBnlI1NAfGp_SwH0wPH8aGz_iI0ZmFfaHuS4_lqcblSttxGUIiaf0kB9YrGXtic2Uw3LdLQKCjdJ3iEGUWon_JYVLMyqXBAghLO-IP0xru8nDvKH65eX35DVJ5xYNJfrr7tSvIYZNmAIrLI9OW1ZLFRTzJVwDxSsUcXNbECZD1TB2TZDZowYK0XHn1khk1K-7AlDhwzSgX3RL7lwarSPLTeWzXsn5A_Xn6bWiQs_viCCtEQuIov7QEC1yfeIT5P02L8gPqAQ%2526sai%253DAMfl-YQ3y06Lp4hDWICQWBX78vb1GFSADRULzI3XHIwwmgWV2ircclp8L7QBa30RE1-XRXYzBw0ydO2PlKulHD0kr3vfiWJ4gyQXg37o0dlvAL1HXAKgbw2UTPR4Y5sGrsWhBA%2526sig%253DCg0ArKJSzL96_wXQxIEyEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:19 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 757503
strict-transport-security: max-age=31536000; preload;
expires: 60

GET
H/1.1 200
OK ttj Show response
secure.adnxs.com/ Frame D2C4 0
809 B 16ms
16ms Script
text/html 185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ttj?ttjb=1&bdc=1664291059&bdh=q7PVwMkWtPhI18aqQ9rqKJwZyso.&&bdref=https%3A%2F%2Fwheregoes.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwheregoes.com%2F,https%3A%2F%2Fa35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=120x600&cb=1578479966&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjsu9HRb2r_mmfYujt-k7mDjFZiB6w1AN4oswtiTwZCbZkym4rHcHcMzocH8NkrDSf6VO9-5zu4h_J15Llh4AxGMBnlI1NAfGp_SwH0wPH8aGz_iI0ZmFfaHuS4_lqcblSttxGUIiaf0kB9YrGXtic2Uw3LdLQKCjdJ3iEGUWon_JYVLMyqXBAghLO-IP0xru8nDvKH65eX35DVJ5xYNJfrr7tSvIYZNmAIrLI9OW1ZLFRTzJVwDxSsUcXNbECZD1TB2TZDZowYK0XHn1khk1K-7AlDhwzSgX3RL7lwarSPLTeWzXsn5A_Xn6bWiQs_viCCtEQuIov7QEC1yfeIT5P02L8gPqAQ%2526sai%253DAMfl-YQ3y06Lp4hDWICQWBX78vb1GFSADRULzI3XHIwwmgWV2ircclp8L7QBa30RE1-XRXYzBw0ydO2PlKulHD0kr3vfiWJ4gyQXg37o0dlvAL1HXAKgbw2UTPR4Y5sGrsWhBA%2526sig%253DCg0ArKJSzL96_wXQxIEyEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:19 GMT
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4a76d741-94a0-492d-9ea4-69f787450e75
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 9566 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebe6504b6b9ce1bcf3061c42edffce6c27f0d5b6deb70e66713985156361a307

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D2C4 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8aea6df584f48909443e8f72428ef04fcbcf1797c69fd6965bc5a05d8f097e2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9566 0
0 54ms
54ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvm_oQ_UKTnVFs28OClihdBObUBpXF-fgQYhzVRoK1BT8sPsE1EXxZKkPPCHhkIqAW0xc-CTg_3zYl29OPpM_S9kIn3HT7IiON0UJMqMOyf47DtVGD_7usHvEk-TUAwpzw0sp4KHN0A1MxFVhhIpU9CI2Ogz3AYoRAZv_oCde0cSTgeO0Xxk8WZU9AsGRD2NiChKg_U2plxvrZx3vM3zj-Ek7avFd5kJ1TUccqAcSrPVcyA58d9PxqwFgPB8DTRqh0qMH5COaBw6rBZpq_MS6NBARmkGuf6V3h84LZJrQQzasMhE060gqOzYgh5MYy9VkeOzfJTLVGZ3Xv0qAzq9NMlYdY26DajKduRV51cHB5f&sai=AMfl-YQjre8jhnRoH2dV4F0_SwFChi7owxiidcuLEQYyJBWcZAA3wyYPb0qUWRP6Tcr3U-IfSw5hVdBLEBbBhnDs6u9OBIkk2ywasABn8ypfyJ8KyYra2ew86x5fvfApFxKzSg&sig=Cg0ArKJSzODk_sHurvfmEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 15:04:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 27 Sep 2022 15:04:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D2C4 0
0 58ms
58ms Fetch
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-Xrbv2ywIdUI4ZYrmga_GvT0qLy-B-Euqlndj45dg2Vca2q5ykbWC31vL5KE6fDWRfueua6xaDVIwMiPcUVYiJAGXdBuPqArTVYVHS3MFzucV2ebF8HI1Iae_1xQci3UmP8Cnz-B4UIzuY6mcgOAMJx7ssfoI1PTpTh9KBXn0nkhzL3tWozVY-reJChT-F9_kIQ28iY7gTK4YRRPiy1DmhUIWc3D0FjUhPQ2l8UHWhdXUB9t7A_VOWL_l_muGN1U7oiekjcHlQR9rHrRqf54Am73mdvoGoQeLc6cpJie6VSUR6j8N_gu6ymC7P3ULsoD7AldbIpBL1kDSdfkEp5dv9KBdzf3zNeJ-&sai=AMfl-YQ9Dm68XVKLNctPh4N8ID5MBFGRjzMETugEOMI_RNdAbochF4KKYOd_oAILCC_RTedS_6h4RjpWaH-Au6FLBuMrzRnOoD-eph4d4gNizj0amS5oK_KnMEMJR30uDplgGg&sig=Cg0ArKJSzJuqQbmHfYgtEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Sep 2022 15:04:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 27 Sep 2022 15:04:19 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DA03 42 B
497 B 82ms
45ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuWe0VYEDHxhJ6O9yrg6ruUVIiU1DCIp6kqsFmU6d9xTwzDYH742GgnGGBTv_hPRrSu0Rm3zwreDkYej0IZkspxDjRIfZMOcMRsH-GLEYpNYODrwJsFAwJGjcRGZHVrcbaKTRl9IOWqtevTLlQRUSsiqxANYc-Zuk-IfXeufpBV-1kTcJBcghdKIIrsMW5IznNrnNK2_sS_bcvbtkqs7_6rtO6WmJLdkSZAvwqWf530dqaQdaqG-gfwjxZ1cx9jgxGMSUs8EOvc4dNCBB2evdWGy8jPnoOpbK6rNmWAt4IbwcCaUKW4yEgVZJSoTnvrK2_kJj1ovDIUBCbisvNUFebqHMGJngrVKDozyUs&sai=AMfl-YQOjjdAQ2WpE5PMondfWeocQcBSzssFBJ__1LCMlMa5KAraPjxHfQAwD0dMnQ5zgcKsDhe7AKPOPhCuPKGtaqB_gS2ols9blkFCP8W6JBtwN4ZYCT2_LGMdLVMHwQ6SjQ&sig=Cg0ArKJSzHh-R3D8FS3xEAE&id=lidar2&mcvt=1000&p=474,315,564,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220926&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1696759606&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664291059472&rpt=111&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5FFE 42 B
108 B 62ms
47ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFNDR1YNQl8DaGMeFsYQee6BgJnSJ1te67bMp-90mwyvmyfSw_nyiFTqVTacXwDA0WTjjMKWDXIbqhGtYNNhEZc5zIrq0BB1pH9Ss7JiED2ZXMA7zF9sy9SBQHCvy-NXJSn_SRaqm-mg90V0ewF1R53s19PnomAWe_K2WpS-V9KKR10DsusADRD4kJDr596CeYdgJFlUOBWyWlqQHJI3_jI_OestnpwWw1KOTqRKJ9FLX_7Qst-WRf-EdpLB_1vrl6GViryGXmiqDaXpoMPRYM-hPWf_kKfAwZhvl6ekkHahmVTn0gA6W7Eee8V7Rm4Nj6nzg2tL4IQ6RaleYTe60AU5IUkCl5BpM&sai=AMfl-YQvD1VKXmpHF__H9VESS6xtLknUYlRsfxq4xqjBpKAJtxuPw4yOIo8xN0mNvRzpvuh14reGVKgW4oA1oZv5q0egvkRHnN8qmMOlHGEvZHbCtXG8CHZRmCTaQ0V4d0131g&sig=Cg0ArKJSzLtNYz2at-qyEAE&id=lidar2&mcvt=1000&p=666,1091,916,1391&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220926&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2861055222&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664291059486&rpt=126&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.123.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 98ms
41ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.123.js

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:21 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:03 GMT
server: nginx
etag: W/"6271101f-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 28 Sep 2022 15:04:21 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 88 KB
29 KB 70ms
31ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wheregoes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:21 GMT
content-encoding: gzip
last-modified: Sat, 17 Sep 2022 19:59:55 GMT
server: nginx
etag: W/"6326273b-16120"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 28 Sep 2022 15:04:21 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B91B 52 KB
17 KB 53ms
9ms Document
text/html 23.35.236.188
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-188.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 27 Sep 2022 15:04:22 GMT
ETag: "623de86a-cf34"
Expires: Wed, 28 Sep 2022 15:04:24 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding

GET
H2 200 iframe Show response
mantodea.mantisadnetwork.com/prebid/ Frame 03CD 258 B
495 B 104ms
103ms Document
text/html 52.6.206.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1664291059222&secure=true&version=9&title=Trace%20Results%20%7C%20WhereGoes&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20224689838%2F
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.6.206.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-6-206-12.compute-1.amazonaws.com
Software: / Express
Resource Hash: cb8223f111e367f49b7019c6cf9a53e2c6c9452173430bccb0d418716c51ac75

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
cache-control: private, no-cache, no-store, must-revalidate
content-length: 258
content-type: text/html; charset=utf-8
date: Tue, 27 Sep 2022 15:04:22 GMT
etag: W/"102-CBNc/zjNheMos7etqW45cPnlvVs"
expires: -1
pragma: no-cache
vary: Origin
x-powered-by: Express

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 7DB9 23 KB
8 KB 67ms
27ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU18831I&prvid=2034%2C2033%2C2030%2C273%2C233%2C2028%2C2027%2C236%2C2025%2C237%2C117%2C359%2C97%2C55%2C99%2C3012%2C3011%2C3010%2C244%2C201%2C3007%2C246%2C4%2C203%2C9%2C2011%2C3022%2C172%2C3020%2C173%2C294%2C251%2C175%2C2009%2C178%2C255%2C3018%2C3017%2C214%2C336%2C3014%2C337%2C338%2C339%2C70%2C77%2C38%2C182%2C261%2C141%2C222%2C301%2C225%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

203b948aa45cab71f786156b2e9c17462a49327aac970cb776e24d217d6fa1f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8337
content-type: text/html; charset=UTF-8
date: Tue, 27 Sep 2022 15:04:22 GMT
expires: Thu, 29 Sep 2022 15:04:22 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 204 /
onetag-sys.com/usync/ Frame 990F 0
0 11ms
10ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1664291058869

Requested by

Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 04A5 281 B
554 B 34ms
8ms Document
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Sep 2022 15:04:22 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sync.html Show response
public.servenobid.com/ Frame 2954 9 KB
4 KB 39ms
7ms Document
text/html 13.32.99.85
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/wheregoes.js?1664290800000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-85.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer: https://wheregoes.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 28500
cache-control: max-age=86400
content-encoding: br
content-type: text/html
date: Tue, 27 Sep 2022 07:09:22 GMT
etag: W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified: Wed, 17 Aug 2022 23:23:08 GMT
server: AmazonS3
vary: Accept-Encoding Origin
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
x-amz-cf-id: 5BSomY-O4DFRC2dmlvWIF4PoN03ixOGbU1LBFd0ELQMgix3jOy3epg==
x-amz-cf-pop: FRA60-P3
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5: 77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256: 4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache: Hit from cloudfront

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 04A5 31 KB
10 KB 10ms
10ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 15:04:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17059
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9421
Expires: Tue, 27 Sep 2022 19:48:41 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B91B 0
737 B 14ms
14ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: d95ff9c0-b6dd-4f1a-9aed-124a312e87ae
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame AE57 15 KB
6 KB 54ms
8ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=167034
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 27 Sep 2022 15:04:22 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 29 Sep 2022 13:28:16 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 13926 Show response
g2.gumgum.com/usync/ Frame F534 4 KB
2 KB 112ms
33ms Document
text/html 52.211.60.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.60.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-60-243.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 328b2cea6f87441a68b4433b9dd02e66ae3143c3e58205743706d84dfc859da6

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 27 Sep 2022 15:04:22 GMT
etag: W/"06f1a4eef63cb3c38942d0d327d82bf57"
server: nginx
timing-allow-origin: *

GET
H2 204 /
onetag-sys.com/usync/ Frame 8193 0
0 9ms
9ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 Istanbul, Turkey, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK sync Show response
ssbsync.smartadserver.com/api/ Frame A947 821 B
1 KB 134ms
21ms Document
text/html 185.86.137.107
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: c25200420baa25032e6499cf2390dc4c2b91f286ca3ecc75eecc739c9d4336a5

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 821
content-type: text/html
date: Tue, 27 Sep 2022 15:04:22 GMT

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 13AA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

1 KB
1 KB

52ms
41ms

Document
text/html

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df243d05e8a30b6dc7c92454bca8717c5b334b718681e2c1cd2cd22e211da34f

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 751521a3fba19040-FRA
content-encoding: br
content-type: text/html
date: Tue, 27 Sep 2022 15:04:22 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DAxuIXFd04dttyHKdVz%2BWoMZea5gyQ7vRO6FBydy82mqiB6cwAKv4piJNLqCRWVljZg%2BHOvPeLTn%2B1VDUmwLtGnf%2FMUdp%2FAGiY%2FtkkX7YhYuDLzUN4OIeFEBnrcwtVPQwQwHR%2FItH0BVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 751521a3a9979b69-FRA
content-length: 0
date: Tue, 27 Sep 2022 15:04:22 GMT
expires: 0
location: /usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VtV8Py20YC9%2BVhyLwR9ACUL0fj01w4%2B6gsVKJZImeQk%2FoqaEJVJ9MGI%2B5egIGbdzkuAaNTfcjHx0UDNRtXK7VzCo6tksGJxk0Uad2IGHjBHKTqno7CAswWKtfvW6hi8bBZXNYH%2Fo9LID3w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 647C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east

281 B
554 B

9ms
9ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://public.servenobid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Sep 2022 15:04:22 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 27 Sep 2022 15:04:22 GMT
location: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server: AkamaiGHost

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 2954 0
239 B 60ms
11ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H2

200

sync
ads.servenobid.com/ Frame 2954
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=312&uid=2320413815273242029

0
343 B

29ms
29ms

Image
image/avif

34.253.177.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=312&uid=2320413815273242029
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: c9ef1197-8247-438c-97b6-4ac596b5efef
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ads.servenobid.com/sync?pid=312&uid=2320413815273242029
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 2954
Redirect Chain

https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
https://ads.servenobid.com/sync?pid=310&uid=FYwIrRZHgwfP4MRxTq-TaE1D

0
350 B

29ms
28ms

Image
image/avif

34.253.177.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=310&uid=FYwIrRZHgwfP4MRxTq-TaE1D
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ads.servenobid.com/sync?pid=310&uid=FYwIrRZHgwfP4MRxTq-TaE1D
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 2954 0
277 B 22ms
18ms Image
text/plain 72.251.249.9
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 27 Sep 2022 15:04:22 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

sync
ads.servenobid.com/ Frame 2954
Redirect Chain

https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
https://ads.servenobid.com/sync?pid=314&uid=24484d5e-916e-4d57-8d51-39fb856ec433

0
356 B

39ms
30ms

Image
image/avif

34.253.177.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=314&uid=24484d5e-916e-4d57-8d51-39fb856ec433
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=314&uid=24484d5e-916e-4d57-8d51-39fb856ec433
Date: Tue, 27 Sep 2022 15:04:22 GMT
Connection: keep-alive
Content-Length: 119
Vary: Origin
Content-Type: text/html; charset=utf-8

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 2954
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1664291062366
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4651476993

70 B
264 B

60ms
30ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4651476993
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
etag: RX57e71ab33cfc4889aa6af89085433cb5003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4651476993
cache-control: no-store, no-cache, must-revalidate
content-type: text/html
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 2954
Redirect Chain

https://p.rfihub.com/cm?pub=44007&in=1
https://ads.servenobid.com/sync?pid=324&uid=5140084921961045374

0
344 B

33ms
32ms

Image
image/avif

34.253.177.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=324&uid=5140084921961045374
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

Location: https://ads.servenobid.com/sync?pid=324&uid=5140084921961045374
Date: Tue, 27 Sep 2022 15:04:22 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK usa
sync.go.sonobi.com/ Frame 2954 0
498 B 387ms
96ms Image
text/plain 69.166.1.12
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D

Requested by

Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-61
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

sync
ads.servenobid.com/ Frame 2954
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
https://ads.servenobid.com/sync?pid=327&uid=66ea15c3-4b74-4dbe-85f4-461385e503f5&gdpr=0&gdpr_consent=&us_privacy=1YN-

0
356 B

29ms
29ms

Image
image/avif

34.253.177.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=327&uid=66ea15c3-4b74-4dbe-85f4-461385e503f5&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=327&uid=66ea15c3-4b74-4dbe-85f4-461385e503f5&gdpr=0&gdpr_consent=&us_privacy=1YN-
date: Tue, 27 Sep 2022 15:04:21 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
server: envoy
content-length: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 2954
Redirect Chain

https://ups.analytics.yahoo.com/ups/58559/occ
https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
https://ads.servenobid.com/sync?pid=337&uid=y-exL27dlE2uHHH1TFkXuInyk7BFZ5GxcoPQNaoCA-~A

0
366 B

33ms
33ms

Image
image/avif

34.253.177.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=337&uid=y-exL27dlE2uHHH1TFkXuInyk7BFZ5GxcoPQNaoCA-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=337&uid=y-exL27dlE2uHHH1TFkXuInyk7BFZ5GxcoPQNaoCA-~A
date: Tue, 27 Sep 2022 15:04:22 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

sync
ads.servenobid.com/ Frame 2954
Redirect Chain

https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
https://ce.lijit.com/merge?pid=279534&3pid=ua-ea3ed86d-2309-3a6b-928c-80dc53c88b7c&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
https://ssp.disqus.com/match?bidder=12&buyeruid=FYwIrRZHgwfP4MRxTq-TaE1D&r=Cid1YS1lYTNlZDg2ZC0yMzA5LTNhNmItOTI4Yy04MGRjNTNjODhiN2MqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtZW...
https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1lYTNlZDg2ZC0yMzA5LTNhNmItOTI4Yy04MGRjNTNjODhiN2MqU2h0dHBzOi8vYWRz...
https://ssp.disqus.com/match?bidder=6&r=Cid1YS1lYTNlZDg2ZC0yMzA5LTNhNmItOTI4Yy04MGRjNTNjODhiN2MqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtZWEzZWQ4NmQtMjMwOS0zYTZiLTkyOGMtODBkY...
https://ads.servenobid.com/sync?pid=346&uid=ua-ea3ed86d-2309-3a6b-928c-80dc53c88b7c

0
358 B

37ms
37ms

Image
image/avif

34.253.177.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=346&uid=ua-ea3ed86d-2309-3a6b-928c-80dc53c88b7c
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:23 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=346&uid=ua-ea3ed86d-2309-3a6b-928c-80dc53c88b7c
pragma: no-cache
date: Tue, 27 Sep 2022 15:04:23 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H2

200

sync
ads.servenobid.com/ Frame 2954
Redirect Chain

https://ups.analytics.yahoo.com/ups/58632/occ
https://ads.servenobid.com/sync?pid=339&uid=y-exL27dlE2uHHH1TFkXuInyk7BFZ5GxcoPQNaoCA-~A

0
366 B

28ms
28ms

Image
image/avif

34.253.177.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=339&uid=y-exL27dlE2uHHH1TFkXuInyk7BFZ5GxcoPQNaoCA-~A
Requested by: Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol: H2
Server: 34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://public.servenobid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

Redirect headers

location: https://ads.servenobid.com/sync?pid=339&uid=y-exL27dlE2uHHH1TFkXuInyk7BFZ5GxcoPQNaoCA-~A
date: Tue, 27 Sep 2022 15:04:22 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 fltiu.js Show response
pixel.yabidos.com/ Frame 03CD 2 KB
1 KB 58ms
26ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=wheregoes.com
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1664291059222&secure=true&version=9&title=Trace%20Results%20%7C%20WhereGoes&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20224689838%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 17:37:48 GMT
server: cloudflare
age: 2833
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 751521a3eb7c9b52-FRA
content-length: 1168
expires: Tue, 27 Sep 2022 17:04:22 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 03CD 70 B
265 B 97ms
29ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=rjrqv8k&ttd_tpi=1
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1664291059222&secure=true&version=9&title=Trace%20Results%20%7C%20WhereGoes&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20224689838%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 647C 31 KB
10 KB 8ms
8ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 15:04:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17059
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9421
Expires: Tue, 27 Sep 2022 19:48:41 GMT

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame AE57 0
42 B 47ms
14ms Script
text/plain 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=8675656&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:21 GMT
content-length: 0

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 647C 0
239 B 444ms
95ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L8KBXBSU-25-48IC
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: b9bd3ce43b0f5c29a708abe94979ac15
Content-Type: image/gif

GET
H2 200 flimpobj.js Show response
pixel.yabidos.com/ Frame 03CD 31 KB
24 KB 19ms
18ms Script
application/javascript 104.16.201.58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.yabidos.com/flimpobj.js?cb=1664291062416&ver1=2.2.3&qid=83233313f553333313f513430313&rnd=dek9r0tfm5ud&cid=1041
Requested by: Host: pixel.yabidos.com
URL: https://pixel.yabidos.com/fltiu.js?qid=83233313f553333313f513430313&cid=1041&p=undefined&s=wheregoes.com
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.201.58 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 17:37:48 GMT
server: cloudflare
age: 6595
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 751521a42be69b52-FRA
content-length: 24217
expires: Tue, 27 Sep 2022 17:04:22 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 04A5
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTEyNTUyYTdiOTA5MWRiZWViZjc0M2I4ZDY1NWZjNGU2NWIxOTE2Nw

170 B
232 B

22ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTEyNTUyYTdiOTA5MWRiZWViZjc0M2I4ZDY1NWZjNGU2NWIxOTE2Nw

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZTEyNTUyYTdiOTA5MWRiZWViZjc0M2I4ZDY1NWZjNGU2NWIxOTE2Nw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 04A5
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8KBXBSU-25-48IC

0
708 B

226ms
182ms

Image
text/plain

2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8KBXBSU-25-48IC
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/
Protocol: H2
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 99CC5A5C93E24D4BA9A248975C654FBC Ref B: VIEEDGE3114 Ref C: 2022-09-27T15:04:22Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXpqfWXBgHcqcoBTIxoqQ==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8KBXBSU-25-48IC
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 04A5
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/mMhsHK6AwOTv3rw6xlu8rMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8995503734670726311

0
239 B

10ms
10ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8995503734670726311
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

date: Tue, 27 Sep 2022 15:04:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8995503734670726311
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 04A5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDE4iiu1-GMt5_ad6GoNzxc&google_cver=1

0
239 B

11ms
11ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDE4iiu1-GMt5_ad6GoNzxc&google_cver=1
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEDE4iiu1-GMt5_ad6GoNzxc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 04A5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=MF36KwpeTUy-i1_c_JSe4A&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MF36KwpeTUy-i1_c_JSe4A

43 B
479 B

106ms
106ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MF36KwpeTUy-i1_c_JSe4A

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:23 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: JMFX56P8DM5RWBA2NSXM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=MF36KwpeTUy-i1_c_JSe4A
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 04A5
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=dcw3RNZmQhKvaElucXcYwA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dcw3RNZmQhKvaElucXcYwA

43 B
479 B

34ms
34ms

Image
image/gif

52.95.115.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dcw3RNZmQhKvaElucXcYwA

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/

Protocol

HTTP/1.1

Server

52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 9CWKKRRN24SDP1T7JVT5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=dcw3RNZmQhKvaElucXcYwA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 04A5 70 B
264 B 33ms
30ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 04A5
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhLQlhCU1UtMjUtNDhJQw==

170 B
232 B

22ms
20ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhLQlhCU1UtMjUtNDhJQw==

Requested by

Host: wheregoes.com
URL: https://wheregoes.com/trace/20224689838/

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhLQlhCU1UtMjUtNDhJQw==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 611afce88997db6fdd35eb213e662871
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame F534
Redirect Chain

https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
https://usersync.gumgum.com/usersync?b=apn&i=2320413815273242029

35 B
250 B

183ms
32ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=apn&i=2320413815273242029
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 18822118-0118-492b-add0-a09b8704344d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://usersync.gumgum.com/usersync?b=apn&i=2320413815273242029
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame F534
Redirect Chain

https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_4898b615-8777-49ff-921a-84f6ed60ea74&gdpr=0&gdpr_consent=&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_4898b615-8777-49ff-921a-84f6ed60ea74&gdpr=0&gdpr_consent=&us_privacy=1---
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dgumgum2
https://x.bidswitch.net/sync?dsp_id=59&user_id=bddf61c1-021a-410e-844e-f1d37eeaaf3e&ssp=gumgum2
https://usersync.gumgum.com/usersync?b=bsw&i=a6a13e7e-3bda-4803-9e96-02c8659bcfb4

35 B
250 B

33ms
32ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=bsw&i=a6a13e7e-3bda-4803-9e96-02c8659bcfb4
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: //usersync.gumgum.com/usersync?b=bsw&i=a6a13e7e-3bda-4803-9e96-02c8659bcfb4
Date: Tue, 27 Sep 2022 15:04:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/ Frame F534
Redirect Chain

https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
https://usersync.gumgum.com/usersync?b=obn&i=ENC%28TufOuZNIcAIvisJxlN-n2Ctj3Bq9GqOrPqIexqxBrzqqgkJW0KsjOyH3485X1gt1%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_4898b615-8777-49ff-921a-84f6ed60ea74&obuid=ENC(TufOuZNIcAIvisJxlN-n2Ctj3Bq9GqOrPqIexqxBrzqqgkJW0KsjOyH3485X1gt1)
https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
https://creativecdn.com/cm-notify?pi=outbrain&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=phukrAdR5km1NKp8T7sL&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA

0
145 B

97ms
97ms

Image
text/plain

70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=phukrAdR5km1NKp8T7sL&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 15:04:23 GMT
Cache-Control: no-cache
X-TraceId: fef988ddcc7e63ae6d904b2437318699
Content-Length: 0

Redirect headers

location: https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=phukrAdR5km1NKp8T7sL&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
pragma: no-cache
date: Tue, 27 Sep 2022 15:04:23 GMT, Tue, 27 Sep 2022 15:04:23 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame F534
Redirect Chain

https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
https://usersync.gumgum.com/usersync?b=opx&i=878a4a0c-316a-4f59-bf73-a3c3eb55b3fa

35 B
250 B

77ms
29ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=opx&i=878a4a0c-316a-4f59-bf73-a3c3eb55b3fa
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Tue, 27 Sep 2022 15:04:22 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usersync.gumgum.com/usersync?b=opx&i=878a4a0c-316a-4f59-bf73-a3c3eb55b3fa
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame F534
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sta&i=0-724eaba0-7cb2-483b-75c6-4279fdeac1e6$ip$81.95.5.40

35 B
250 B

30ms
29ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sta&i=0-724eaba0-7cb2-483b-75c6-4279fdeac1e6$ip$81.95.5.40
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=sta&i=0-724eaba0-7cb2-483b-75c6-4279fdeac1e6$ip$81.95.5.40
Date: Tue, 27 Sep 2022 15:04:22 GMT
Connection: keep-alive
Content-Length: 124
Content-Type: text/html; charset=utf-8

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame F534
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=oth&i=y-d3ymgO9E2pf_bfTtGffnj6O25eeFcA1qlfmT~A

35 B
250 B

96ms
34ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=oth&i=y-d3ymgO9E2pf_bfTtGffnj6O25eeFcA1qlfmT~A
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

date: Tue, 27 Sep 2022 15:04:22 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://usersync.gumgum.com/usersync?b=oth&i=y-d3ymgO9E2pf_bfTtGffnj6O25eeFcA1qlfmT~A
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame F534
Redirect Chain

https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
https://usersync.gumgum.com/usersync?b=vnt&i=c84a79e8-e072-4b68-b645-2abba57b41c6

35 B
250 B

32ms
32ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=vnt&i=c84a79e8-e072-4b68-b645-2abba57b41c6
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Location: https://usersync.gumgum.com/usersync?b=vnt&i=c84a79e8-e072-4b68-b645-2abba57b41c6
Date: Tue, 27 Sep 2022 15:04:22 GMT
X-CI-RTID: 583a8f0b-4667-468a-a515-e41142e4b970
Connection: keep-alive
Content-Length: 108
Content-Type: text/html; charset=utf-8

GET
H2 204 services
sync.technoratimedia.com/ Frame F534 0
293 B 296ms
96ms Image
text/plain 129.80.94.115
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 129.80.94.115 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 107095665
access-control-allow-origin: https://g2.gumgum.com/
access-control-allow-credentials: true

GET
H2 200 142
match.deepintent.com/usersync/ Frame F534 0
44 B 292ms
92ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:21 GMT
content-length: 0
server: b

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame F534
Redirect Chain

https://b1sync.zemanta.com/usersync/gumgum/?puid=e_4898b615-8777-49ff-921a-84f6ed60ea74&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
https://stags.bluekai.com/site/23178?id=mQ5S_MQC4iIXWg0168kx&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23KRGVJV6TKRIM2GSSKYK5TTAMJWHBVXQ...
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mQ5S_MQC4iIXWg0168kx&us_privacy=1---

35 B
250 B

33ms
33ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mQ5S_MQC4iIXWg0168kx&us_privacy=1---
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:23 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:23 GMT
P3p: CP="We do not support P3P header."
Location: https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mQ5S_MQC4iIXWg0168kx&us_privacy=1---
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 123
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame F534
Redirect Chain

https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
https://usersync.gumgum.com/usersync?b=idi&i=7bd6927d-8dce-481d-86f8-e0ae835914a0

35 B
250 B

40ms
38ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=idi&i=7bd6927d-8dce-481d-86f8-e0ae835914a0
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=idi&i=7bd6927d-8dce-481d-86f8-e0ae835914a0
date: Tue, 27 Sep 2022 15:04:22 GMT
access-control-allow-origin: *
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame F534
Redirect Chain

https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7029624779

70 B
264 B

37ms
34ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7029624779
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
etag: RX57e71ab33cfc4889aa6af89085433cb5003
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7029624779
cache-control: no-store, no-cache, must-revalidate
content-type: text/html
expires: 0

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame F534
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
https://usersync.gumgum.com/usersync?b=pln&i=9S0DwTzSxtXi&ev=1&pid=558355

35 B
250 B

32ms
32ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=pln&i=9S0DwTzSxtXi&ev=1&pid=558355
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://usersync.gumgum.com/usersync?b=pln&i=9S0DwTzSxtXi&ev=1&pid=558355
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-5d5cf8576-vw5h2
expires: -1

GET
H/1.1

200

usersync
usersync.gumgum.com/ Frame F534
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
https://usersync.gumgum.com/usersync?b=sad&i=3186827435777493041

35 B
250 B

40ms
39ms

Image
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.gumgum.com/usersync?b=sad&i=3186827435777493041
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
Expires: 0

Redirect headers

location: https://usersync.gumgum.com/usersync?b=sad&i=3186827435777493041
date: Tue, 27 Sep 2022 15:04:21 GMT
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame F534 0
358 B 42ms
30ms Image
image/avif 34.253.177.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=309&uid=e_4898b615-8777-49ff-921a-84f6ed60ea74
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://g2.gumgum.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 0637
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
https://usersync.gumgum.com/usersync?b=mmh&i=65b66333-10f6-4000-a498-79db3b26ce9d&gdpr=0&gdpr_consent=

35 B
250 B

104ms
33ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=mmh&i=65b66333-10f6-4000-a498-79db3b26ce9d&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 27 Sep 2022 15:04:22 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Tue, 27 Sep 2022 15:04:22 GMT
Expires: Tue, 27 Sep 2022 15:04:21 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 4505 5b23575 master zrh-pixel-x29 config:1.0.0
location: https://usersync.gumgum.com/usersync?b=mmh&i=65b66333-10f6-4000-a498-79db3b26ce9d&gdpr=0&gdpr_consent=

GET
H2 503 URnmbSKM Show response
sync-tm.everesttech.net/upi/pid/ Frame F6AA 0
177 B 54ms
7ms Document
text/plain 151.101.66.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Tue, 27 Sep 2022 15:04:22 GMT
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-hhn4043-HHN
x-timer: S1664291063.500927,VS0,VE0

GET
H2 200 pixel Show response
cm.g.doubleclick.net/ Frame A6AB 170 B
502 B 45ms
23ms Document
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV80ODk4YjYxNS04Nzc3LTQ5ZmYtOTIxYS04NGY2ZWQ2MGVhNzQ=&gdpr=0&gdpr_consent=

Requested by

Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 170
content-type: image/png
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 15:04:22 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: HTTP server (unknown)
x-xss-protection: 0

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame F37D 15 KB
6 KB 14ms
11ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=167034
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Tue, 27 Sep 2022 15:04:22 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Thu, 29 Sep 2022 13:28:16 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 generic Show response
match.adsrvr.org/track/cmf/ Frame 3CEB 70 B
264 B 35ms
31ms Document
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Tue, 27 Sep 2022 15:04:22 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 6950
Redirect Chain

https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY2...
https://cs.emxdgt.com/umcheck?apnxid=2320413815273242029&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID&b64_redirect=aHR0cHM6Ly91c2Vyc3luYy5ndW1ndW0uY29tL3VzZXJzeW5jP2I9ZW14Jmk9JEVNW...
https://usersync.gumgum.com/usersync?b=emx&i=2320413815273242029brt51241664291062509817f1

35 B
250 B

111ms
35ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=emx&i=2320413815273242029brt51241664291062509817f1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 27 Sep 2022 15:04:22 GMT
Expires: 0
Pragma: no-cache

Redirect headers

content-length: 0
content-type: text/html
date: Tue, 27 Sep 2022 15:04:21 GMT
location: https://usersync.gumgum.com/usersync?b=emx&i=2320413815273242029brt51241664291062509817f1

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 3445
Redirect Chain

https://tg.socdm.com/aux/idsync?proto=gumgum
https://usersync.gumgum.com/usersync?b=sus&i=YzMQ98Co8YoAAC2GH0wAAAAA

35 B
250 B

32ms
32ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=sus&i=YzMQ98Co8YoAAC2GH0wAAAAA
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 27 Sep 2022 15:04:23 GMT
Expires: 0
Pragma: no-cache

Redirect headers

Cache-Control: private
Connection: keep-alive
Content-Length: 0
Date: Tue, 27 Sep 2022 15:04:23 GMT
Location: https://usersync.gumgum.com/usersync?b=sus&i=YzMQ98Co8YoAAC2GH0wAAAAA
P3P: CP="See also http://www.scaleout.jp/privacy/"
Server: nginx
X-SO-Ads-Time: 2
X-SO-Cluster-ID: 58
X-SO-HostName: m-ad117.dc4p.scaleout.jp
X-SO-IP: 81.95.5.40
X-SO-Key: YzMQ98Co8YoAAC2GH0wAAAAA
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":58,"gdpr":true,"ipv4":"0.0.0.0","key":"YzMQ98Co8YoAAC2GH0wAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad117"}
X-SO-LB-Hostname: m-tgng38.dc4p.scaleout.jp
X-SO-Upstream-ID: m-ad117

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame 176F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
https://usersync.gumgum.com/usersync?b=iex&i=YzMQ9r1lm95ZsZxXyHjegAAA%261138

35 B
250 B

110ms
31ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=iex&i=YzMQ9r1lm95ZsZxXyHjegAAA%261138
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 27 Sep 2022 15:04:22 GMT
Expires: 0
Pragma: no-cache

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 751521a47c559040-FRA
content-length: 0
date: Tue, 27 Sep 2022 15:04:22 GMT
expires: 0
location: https://usersync.gumgum.com/usersync?b=iex&i=YzMQ9r1lm95ZsZxXyHjegAAA%261138
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GAbtmkVJjfjDzDiY8aC1B4eWgUgZIcLXbNEm26O9Cplz7zEQuzYPaj%2FYLNF4qj7PXuaRz3gwl8v2rzC%2FwBTWwMcccfY9TvB%2Bu7wv1d3T2qjmn92YZsGpnMCOuAIRXnKWNNsPf3W3uJ8Vqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200

usersync Show response
usersync.gumgum.com/ Frame ED9B
Redirect Chain

https://creativecdn.com/cm-notify?pi=gumgum
https://creativecdn.com/cm-notify?pi=gumgum&tc=1
https://usersync.gumgum.com/usersync?b=rth&i=phukrAdR5km1NKp8T7sL&pi=gumgum&tc=1

35 B
250 B

102ms
31ms

Document
image/gif

34.247.205.196
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usersync.gumgum.com/usersync?b=rth&i=phukrAdR5km1NKp8T7sL&pi=gumgum&tc=1
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.205.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-205-196.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-store, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif
Date: Tue, 27 Sep 2022 15:04:22 GMT
Expires: 0
Pragma: no-cache

Redirect headers

cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
date: Tue, 27 Sep 2022 15:04:22 GMT Tue, 27 Sep 2022 15:04:22 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://usersync.gumgum.com/usersync?b=rth&i=phukrAdR5km1NKp8T7sL&pi=gumgum&tc=1
pragma: no-cache

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 86B8
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
https://eus.rubiconproject.com/usync.html?p=gumgum

281 B
554 B

12ms
10ms

Document
text/html

23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by: Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://g2.gumgum.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 27 Sep 2022 15:04:22 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 27 Sep 2022 15:04:22 GMT
location: https://eus.rubiconproject.com/usync.html?p=gumgum
server: AkamaiGHost

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 13AA 70 B
264 B 32ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 13AA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzMQ9r1lm95ZsZxXyHjegAAABHIAAAIB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENi1qUxYIwCm9et_cawt-yA&google_cver=1

43 B
842 B

27ms
26ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENi1qUxYIwCm9et_cawt-yA&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 751521a4ccf69040-FRA
pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FA957ha5s7Z9MkIQOz7a1xzzPekHoUBcAFY3jqmsMGVgLHL0HocShvIqtKTuqWPMtm46%2BnCRvpcLkN56MBImcZUboJEZh6tPCVO0nb9jyxEeHcDl%2F5J0ORqO88q4dgLdE6gaxYS1XCpF9w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENi1qUxYIwCm9et_cawt-yA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 13AA
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzMQ9r1lm95ZsZxXyHjegAAABHIAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzMQ9r1lm95ZsZxXyHjegAAABHIAAAIB&dcc=t

43 B
855 B

129ms
112ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzMQ9r1lm95ZsZxXyHjegAAABHIAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: 1DZKJ480FKM2E5C53GE8
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: WNBX3SVKDPB42S6M5QQE
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzMQ9r1lm95ZsZxXyHjegAAABHIAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 13AA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YzMQ9r1lm95ZsZxXyHjegAAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHaPqgxofatkXxgt8VbGIe4&google_cver=1

43 B
875 B

112ms
95ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHaPqgxofatkXxgt8VbGIe4&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 751521a5695d907c-FRA
pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JyCyRu8LeGuaTauCydS5D7C%2FIAkaLKm9bs9NX6qRP5CDSz%2FBItS5dTEXb2h4R9kQ2CLtqe6ap5xoNTR1fcbQ6fDolQFFXVU2uJ52YcnUMm2hpu0xiEObU9rOQS9Hfk3P6xnrpKcuRncvWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEHaPqgxofatkXxgt8VbGIe4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum.casalemedia.com/ Frame 13AA
Redirect Chain

https://x.bidswitch.net/sync?ssp=index
https://x.bidswitch.net/ul_cb/sync?ssp=index
https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=a6a13e7e-3bda-4803-9e96-02c8659bcfb4&gdpr=&gdpr_consent=&gdpr_pd=
https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_692b93fc-7a9e-4e58-81f1-ec4479e32b36&bsw_param=a6a13e7e-3bda-4803-9e96-02c8659bcfb4&expires=10
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a6a13e7e-3bda-4803-9e96-02c8659bcfb4

43 B
879 B

79ms
38ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a6a13e7e-3bda-4803-9e96-02c8659bcfb4
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 751521a5de929b3d-FRA
pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYcsSXp3ogD%2FZYLtohkxMSGVHcNkVjSLI4LgjudAqdNwdhnBNgT%2F%2FyX1VYsiN4%2FB9xlhKlUkRRAqqt%2FNVpKf%2BvPPQTX3zm7Fg4%2BkZT25MOU4%2FAJL6XM9nNPwAbFcwDX61cNcZTaK"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: //dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=a6a13e7e-3bda-4803-9e96-02c8659bcfb4
Date: Tue, 27 Sep 2022 15:04:22 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 13AA 43 B
433 B 128ms
30ms Image
image/gif 54.194.213.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.213.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-194-213-220.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 13AA 42 B
181 B 105ms
32ms Image
image/gif 18.202.37.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.37.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-37-168.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.20.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2 200 ix
ad4m.at/ad/sim/ Frame 13AA 0
0 56ms
26ms Image
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 sync
ads.servenobid.com/ Frame 13AA 0
356 B 31ms
30ms Image
image/avif 34.253.177.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=333&uid=YzMQ9r1lm95ZsZxXyHjegAAABHIAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 200 sync
ads.servenobid.com/ Frame A947 0
344 B 31ms
28ms Image
image/avif 34.253.177.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.servenobid.com/sync?pid=317&uid=3186827435777493041&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.177.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-177-61.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
amp-access-control-allow-source-origin: *
content-type: image/avif;charset=ISO-8859-1
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0

GET
H2 451 711890.gif
id.rlcdn.com/ Frame A947 0
98 B 47ms
19ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/ Frame A947
Redirect Chain

https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=55ff03ba-def4-4eb2-aacb-6c1424396aa3&gdpr=0&gdpr_consent=

43 B
436 B

31ms
22ms

Image
image/gif

185.86.139.89
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=55ff03ba-def4-4eb2-aacb-6c1424396aa3&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: HTTP/1.1
Server: 185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Sep 2022 15:04:21 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=55ff03ba-def4-4eb2-aacb-6c1424396aa3&gdpr=0&gdpr_consent=
pragma: no-cache
date: Tue, 27 Sep 2022 15:04:22 GMT
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H2 204 /
csync.loopme.me/ Frame A947 0
131 B 69ms
37ms Image
text/plain 2606:4700::6813:ac6c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Requested by: Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:ac6c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 751521a4edfe9a0b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame A947
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3186827435777493041&gdpr=0&gdpr_consent=

43 B
855 B

369ms
117ms

Image
image/gif

52.46.151.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3186827435777493041&gdpr=0&gdpr_consent=

Requested by

Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID

Protocol

HTTP/1.1

Server

52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssbsync.smartadserver.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:22 GMT
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server
x-amz-rid: QM9YB753XJAJ7MYPJY5S
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=3186827435777493041&gdpr=0&gdpr_consent=
pragma: no-cache
date: Tue, 27 Sep 2022 15:04:21 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 vbl.gif
pre.glotgrx.com/ Frame 03CD 26 B
231 B 53ms
22ms Image
image/gif 2606:4700::6810:75c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/vbl.gif?cb=1664291062543&rnd=dek9r0tfm5ud&ifm=1&uai=1&cid=1041&s=wheregoes.com&p=undefined&x=&adtg=&ats=0&atf=&nsi=&si=&nci=&nai=&pft=0&iip=0&adb=1&adc=0&adcd=i0_f0_o0_e0&ai=&icp=undefined&impid=&idl=&ttduid=&id5=&emh=
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1664291059222&secure=true&version=9&title=Trace%20Results%20%7C%20WhereGoes&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20224689838%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:75c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 17:37:39 GMT
server: cloudflare
age: 4684
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 751521a52fa19273-FRA
content-length: 26
expires: Tue, 27 Sep 2022 17:04:22 GMT

GET
H2 200 nflrc.gif
pre.glotgrx.com/ Frame 03CD 26 B
87 B 53ms
23ms Image
image/gif 2606:4700::6810:75c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pre.glotgrx.com/nflrc.gif?cb=166429106253064&ver=1.2r81&qid=83233313f553333313f513430313&p=undefined&s=wheregoes.com&x=&cid=1041&od1=&od2=&adtg=&nci=&nai=&si=&ai=&nsi=&co=0&cstm1=&cstm2=&cstm3=&rnd=dek9r0tfm5ud&impid=&idl=&ttduid=&id5=&emh=&tps=2&ver1=2.2.3&1=ada5c4d16f4b58495e4b604aba79e1a1&2=0.0&3=1200_1600_1200_1600_24_24_1&5=%7B%220%22%3A%7B%220%22%3A%22Chrome%2520PDF%2520Plugin%2520-%2520%2520-%2520internal-pdf-viewer%2520-%2520Portable%2520Document%2520Formatfl_br%22%2C%221%22%3A%22Chrome%2520PDF%2520Viewer%2520-%2520%2520-%2520mhjfbmdgcfjbbpaeojofohoefgiehjai%2520-%2520fl_br%22%2C%222%22%3A%22Native%2520Client%2520-%2520%2520-%2520internal-nacl-plugin%2520-%2520fl_br%22%7D%7D&6=2&7={%22e%22:%2211%22,%22m%22:%220%22,%22f%22:%223428%22}&ats=0&atf=&dbgcid=1041&ifm=1&penv=b&pt=&ptbp=&tw=0&ldp=1&icpl=26&icp=https%253A//wheregoes.com/&irfl=26&irf=https%253A//wheregoes.com/&cty=4&fcs=0&flky=ver-fl-6-qid-fl-28-p-fl-9-s-fl-13-x-fl-0-cid-fl-4-od1-fl-0-od2-fl-0-adtg-fl-0-nci-fl-0-nai-fl-0-si-fl-0-ai-fl-0-nsi-fl-0-co-fl-0-cstm1-fl-0-cstm2-fl-0-cstm3-fl-0-rnd-fl-12-impid-fl-0-idl-fl-0-ttduid-fl-0-id5-fl-0-emh-fl-0-tps-fl-0-cb-fl-13-ver1-fl-5-&spfp=0&spfnp=0&sp1=Chromefl_andWindows&sp2=Chromefl_andWindows&adv=0&det=1&adb=1&iip=0&spf=0&adc=0&adcd=i0_f0_o0_e0&vps=0x0&gpu=Intel%20Iris%20OpenGL%20Engine&ncf=4g_10_undefined_null_0_undefined_false&chua={%22architecture%22:%22%22,%22brands%22:[],%22mobile%22:false,%22model%22:%22%22,%22platform%22:%22%22,%22platformVersion%22:%22%22,%22uaFullVersion%22:%22%22}&fli=&flerr=0&trim=&fio=21
Requested by: Host: mantodea.mantisadnetwork.com
URL: https://mantodea.mantisadnetwork.com/prebid/iframe?tz=0&buster=1664291059222&secure=true&version=9&title=Trace%20Results%20%7C%20WhereGoes&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20224689838%2F
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:75c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mantodea.mantisadnetwork.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 15:04:22 GMT
cf-cache-status: HIT
last-modified: Fri, 26 Aug 2022 17:37:39 GMT
server: cloudflare
age: 7115
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 751521a52fa39273-FRA
content-length: 26
expires: Tue, 27 Sep 2022 17:04:22 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 86B8 31 KB
10 KB 10ms
9ms Script
text/html 23.205.235.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-205-235-133.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Tue, 27 Sep 2022 15:04:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 15 Sep 2022 22:38:47 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17059
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9421
Expires: Tue, 27 Sep 2022 19:48:41 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 86B8 0
239 B 13ms
11ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L8KBXBSU-25-48IC
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B91B 0
737 B 17ms
16ms Script
text/html 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Sep 2022 15:04:23 GMT
X-Proxy-Origin: 81.95.5.40; 81.95.5.40; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2dcb8ddf-c05f-4eb7-bfb9-c1ec4dc03765
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: wheregoes.com
URL: https://wheregoes.com/c/themes/custom-theme/img/arrow-redirect-wheregoes.svg

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rubiconproject.com/	1970-01-20 15:03:47	Name: khaos Value: L8KBXBSU-25-48IC
.rubiconproject.com/	1970-01-20 15:03:47	Name: audit Value: 1\|SDziDG3X/Ejni61zTFdWx14C1LCtWBX9mfsNIvv6Qtp0kTU4st2MuUTSdhjzf/mRtjr9BQ320rs+/UJ4kF6/1In0kEOGVL/NTCnSCuDd+RA=
.wheregoes.com/	1970-01-20 15:39:47	Name: __gads Value: ID=2aa98a90b1a126f4-22d17cf432ce0082:T=1664291059:S=ALNI_MavisEtOdGIRyJDbt4xBZVN-96IeQ
.doubleclick.net/	1970-01-20 15:39:47	Name: IDE Value: AHWqTUmdANDMfmJTvICGLbJdwO_ccHbv3_i2203QOd-HKNwouU01irrJdVCR3MyFQx8
.adnxs.com/	1970-01-20 08:27:47	Name: uuid2 Value: 2320413815273242029
.yahoo.com/	1970-01-20 15:04:08	Name: A3 Value: d=AQABBPYQM2MCEL2ve_lfh1WFqrBpu9xUakcFEgEBAQFiNGM8YwAAAAAA_eMAAA&S=AQAAAuaxDiltufUEqSlL-Kyi458
.lijit.com/	1970-01-20 15:03:47	Name: ljt_reader Value: FYwIrRZHgwfP4MRxTq-TaE1D
.servenobid.com/	1970-01-20 06:28:15	Name: pid_312 Value: 2320413815273242029
.ads.pubmatic.com/	1970-01-20 06:19:37	Name: KCCH Value: YES
.casalemedia.com/	1970-01-20 15:03:47	Name: CMID Value: YzMQ9r1lm95ZsZxXyHjegAAA
.casalemedia.com/	1970-01-20 08:27:47	Name: CMPS Value: 1138
.casalemedia.com/	1970-01-20 08:27:47	Name: CMPRO Value: 1138
.analytics.yahoo.com/	1970-01-20 15:03:47	Name: IDSYNC Value: 196n~27ef
.lijit.com/	1970-01-20 15:03:47	Name: _ljtrtb_273657 Value: 273657
.servenobid.com/	1970-01-20 06:28:15	Name: pid_327 Value: 66ea15c3-4b74-4dbe-85f4-461385e503f5
.servenobid.com/	1970-01-20 06:28:15	Name: pid_339 Value: y-exL27dlE2uHHH1TFkXuInyk7BFZ5GxcoPQNaoCA-~A
.servenobid.com/	1970-01-20 06:28:15	Name: pid_337 Value: y-exL27dlE2uHHH1TFkXuInyk7BFZ5GxcoPQNaoCA-~A
.servenobid.com/	1970-01-20 06:28:15	Name: pid_310 Value: FYwIrRZHgwfP4MRxTq-TaE1D
.gumgum.com/	1970-01-20 15:03:47	Name: vst Value: e_4898b615-8777-49ff-921a-84f6ed60ea74
.smartadserver.com/	1970-01-20 15:48:25	Name: pid Value: 3186827435777493041
.1rx.io/	1970-01-20 15:03:47	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-57e71ab3-3cfc-4889-aa6a-f89085433cb5-003%22%2C%22zdxidn%22%3A%221506%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D%22%7D
.rfihub.com/	1970-01-20 15:39:47	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrQ0MzQwMTU2NxHiM9R1tIwPKCstMEwqCqsCAEEOzkElAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTCwMLE0MrQ0MzQwMTU2NxHiM9R1tIwPKCstMEwqCqsCAEEOzkElAAAA
.rfihub.com/	1970-01-20 15:39:47	Name: eud Value: H4sIAAAAAAAA_zslzmtoZmZiZGloYGZkYm4MAAH282oQAAAA
.servenobid.com/	1970-01-20 06:28:15	Name: pid_309 Value: e_4898b615-8777-49ff-921a-84f6ed60ea74
.openx.net/	1970-01-20 15:03:47	Name: i Value: a31bd125-b0f8-48f8-82de-7bc647228141\|1664291062
.servenobid.com/	1970-01-20 06:28:15	Name: pid_333 Value: YzMQ9r1lm95ZsZxXyHjegAAABHIAAAIB
.emxdgt.com/	1970-01-20 07:01:23	Name: euid Value: 51241664291062509817f1
.servenobid.com/	1970-01-20 06:28:15	Name: pid_317 Value: 3186827435777493041
.mathtag.com/	1970-01-20 15:44:06	Name: uuid Value: 65b66333-10f6-4000-a498-79db3b26ce9d
.creativecdn.com/	1970-01-20 15:03:47	Name: u Value: phukrAdR5km1NKp8T7sL
.creativecdn.com/	1970-01-20 15:03:47	Name: ts Value: 1664291062
.servenobid.com/	1970-01-20 06:28:15	Name: pid_324 Value: 5140084921961045374
.emxdgt.com/	1970-01-20 07:01:23	Name: eapn_id Value: 2320413815273242029
.bidswitch.net/	1970-01-20 15:03:47	Name: c Value: 1664291062
.bidswitch.net/	1970-01-20 15:03:47	Name: tuuid_lu Value: 1664291062
.bidswitch.net/	1970-01-20 15:03:47	Name: tuuid Value: a6a13e7e-3bda-4803-9e96-02c8659bcfb4
.taptapnetworks.com/	1970-01-20 15:03:47	Name: SONATA_ID Value: csonata_692b93fc-7a9e-4e58-81f1-ec4479e32b36
.tidaltv.com/	1970-01-20 15:03:47	Name: tidal_ttid Value: 55ff03ba-def4-4eb2-aacb-6c1424396aa3
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8651\|YzMR4
.360yield.com/	1970-01-20 08:27:47	Name: tuuid Value: 7bd6927d-8dce-481d-86f8-e0ae835914a0
.360yield.com/	1970-01-20 08:27:47	Name: tuuid_lu Value: 1664291062
ads.avct.cloud/	1970-01-20 15:03:47	Name: uuid Value: bddf61c1-021a-410e-844e-f1d37eeaaf3e
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:03:47	Name: bcookie Value: "v=2&a2a8dc27-5bf8-4780-8cee-ccd6da97c71b"
.linkedin.com/	1970-01-20 10:37:23	Name: li_gc Value: MTswOzE2NjQyOTEwNjI7MjswMjHMGIBKDW3NZiTHRxyk808UMrZ5s8YOM8KVAlPh2qivOg==
.linkedin.com/	1970-01-20 06:19:37	Name: lidc Value: "b=TGST00:s=T:r=T:a=T:p=T:g=2982:u=1:x=1:i=1664291062:t=1664377462:v=2:sig=AQGAUcvZwakxR5WuEWZbfRc8NtQ2B0R5"
x.yieldlift.com/	1970-01-20 07:01:23	Name: ylxuid Value: 24484d5e-916e-4d57-8d51-39fb856ec433
.tidaltv.com/	1970-01-20 15:03:47	Name: sync-his Value: "H4sIAAAAAAAAADM0NjI1tjI0NgMAWRMl2AkAAAA="
.casalemedia.com/	1970-01-20 08:27:47	Name: CMTS Value: 5170
.technoratimedia.com/	1970-01-20 15:54:11	Name: tads_uid Value: GDPR
.amazon-adsystem.com/	1970-01-20 15:54:11	Name: ad-privacy Value: 0
.smartadserver.com/	1970-01-20 15:03:47	Name: csync Value: 96:55ff03ba-def4-4eb2-aacb-6c1424396aa3\|135:TAM_OK
.servenobid.com/	1970-01-20 06:28:15	Name: pid_314 Value: 24484d5e-916e-4d57-8d51-39fb856ec433
.zemanta.com/	1970-01-20 15:03:47	Name: zuid Value: mQ5S_MQC4iIXWg0168kx
.outbrain.com/	1970-01-20 08:27:47	Name: obuid Value: 81f6c398-1670-4fd4-b460-c449db4eb347
.ipredictive.com/	1970-01-20 15:03:47	Name: cu Value: c84a79e8-e072-4b68-b645-2abba57b41c6\|1664291062797
sync.srv.stackadapt.com/	1970-01-20 15:03:47	Name: sa-user-id Value: s%3A0-724eaba0-7cb2-483b-75c6-4279fdeac1e6.Pl8jvnhZ%2BuHKM%2F%2Fqfx64kafW21X%2F1gracDkYf3P6jyY
.srv.stackadapt.com/	1970-01-20 15:03:47	Name: sa-user-id-v2 Value: s%3Ack6roHyySDt1xkJ5_erB5lFfBSg.4AgkH7G4IBLFIwiid7V1zHuQ55Cx8lYPDDV7F8bcBQE
.disqus.com/	1970-01-20 15:03:47	Name: zeta-ssp-user-id Value: ua-ea3ed86d-2309-3a6b-928c-80dc53c88b7c
.lijit.com/	1970-01-20 15:03:47	Name: ljtrtb Value: eJyrVjIyNzYzNVeygjFqASoHBDc%3D
.lijit.com/	1970-01-20 15:03:47	Name: _ljtrtb_279534 Value: ua-ea3ed86d-2309-3a6b-928c-80dc53c88b7c
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 4d6db0fb1874f624
.amazon-adsystem.com/	1970-01-20 10:46:01	Name: ad-id Value: A04zCuh01kbfjamjo0Onfqk

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1664291058821&secure=true&version=9&title=Trace%20Results%20%7C%20WhereGoes&url=https%3A%2F%2Fwheregoes.com%2Ftrace%2F20224689838%2F&measurable=true&bids[0][bidId]=47e5329b076f2ef&bids[0][config][property]=WhereGoes&bids[0][config][zone]=Wheregoes_S2S_Leaderboard_ATF_ROS&bids[0][sizes][0][width]=728&bids[0][sizes][0][height]=90&bids[0][sizes][1][width]=970&bids[0][sizes][1][height]=90&bids[1][bidId]=489afd30420c82f&bids[1][config][property]=WhereGoes&bids[1][config][zone]=Wheregoes_S2S_Sidebar_ROS_Pos1&bids[1][sizes][0][width]=300&bids[1][sizes][0][height]=250&bids[2][bidId]=49b86b458f49a21&bids[2][config][property]=WhereGoes&bids[2][config][zone]=Wheregoes_S2S_Leaderboard_InContent_BTF_ROS&bids[2][sizes][0][width]=728&bids[2][sizes][0][height]=90&bids[2][sizes][1][width]=300&bids[2][sizes][1][height]=250&bids[2][sizes][2][width]=336&bids[2][sizes][2][height]=280&bids[3][bidId]=5019deb67691a5b&bids[3][config][property]=WhereGoes&bids[3][config][zone]=Wheregoes_S2S_Sticky_Sidebar_ROS_Pos2&bids[3][sizes][0][width]=300&bids[3][sizes][0][height]=250&bids[3][sizes][1][width]=120&bids[3][sizes][1][height]=600&bids[3][sizes][2][width]=160&bids[3][sizes][2][height]=600&bids[3][sizes][3][width]=300&bids[3][sizes][3][height]=600&property=WhereGoes&foo Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a35c8d29f6766945359ebb5bc99a04b6.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad4m.at
ads.avct.cloud
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.fouanalytics.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c2shb.ssp.yahoo.com
cdn4.buysellads.net
ce.lijit.com
cm.g.doubleclick.net
contextual.media.net
creativecdn.com
cs.emxdgt.com
csync.loopme.me
d.adroll.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
g2.gumgum.com
gum.criteo.com
hb-api.omnitagjs.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
mantodea.mantisadnetwork.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mp.4dex.io
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.yabidos.com
pr-bh.ybp.yahoo.com
pre.glotgrx.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s.w.org
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
sonata-notifications.taptapnetworks.com
srv.buysellads.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
sync.tidaltv.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
wheregoes.com
www.google.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
wheregoes.com
104.16.201.58
104.18.18.126
104.18.19.126
124.146.215.44
129.80.94.115
13.32.99.85
147.75.85.234
151.101.66.49
169.197.150.8
172.217.18.98
172.64.137.32
178.250.2.131
18.202.37.168
185.184.8.90
185.255.84.151
185.29.132.241
185.86.137.107
185.86.139.89
185.89.210.90
185.89.211.12
192.0.77.48
193.0.160.129
198.148.27.139
198.47.127.19
2.18.235.93
213.19.147.45
23.205.235.133
23.35.236.188
23.35.236.201
23.75.240.210
2602:803:c003:200::21
2606:4700:20::681a:bd1
2606:4700:20::ac43:4bf1
2606:4700:3034::6815:240d
2606:4700::6810:75c3
2606:4700::6812:272
2606:4700::6813:ac6c
2620:1ec:22::14
2a00:1450:4001:802::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2004
2a00:1450:4001:82b::2002
2a00:1450:400d:804::2002
2a02:2638::1c
2a02:2638::3
2a05:d018:24:b001:300d:157:643a:c4ae
2a05:d018:d29:3601:fb24:7ad4:5f4f:4dd3
3.124.238.184
3.126.56.137
3.229.251.39
3.33.220.150
3.67.253.73
3.71.169.66
34.107.148.139
34.247.205.196
34.253.177.61
34.98.64.218
35.157.246.167
35.172.59.108
35.244.174.68
44.196.211.13
51.75.86.98
52.211.60.243
52.46.151.131
52.59.82.25
52.6.206.12
52.95.115.255
54.194.213.220
54.229.65.185
54.83.125.176
68.183.0.10
69.166.1.12
69.173.144.139
69.192.160.219
70.42.32.255
70.42.32.63
72.251.249.9
8.43.72.98
94.31.29.32
0152ec54bafb1f951d4dc7585aebae598d2235c78d9e81ade8399006f8eb3b9b
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
04e15c27c7c1e344842fec61d78bfb338739501f6d293a013d57a808efcc3674
07e4f0b5f6e0163f8a8250335476ded300df788560edec377c638b2f703ae12d
09af6caefeb671f4527e8bf54659bb482eea031fe6899bafc12f149bb14155d0
09f2fc735c9d8dcf3442e6e630b5827b0e8232fe612e7e78062e5d68d54013c5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
1219d714e27f186eb7bbf428f0553a2a5a32fd30e6321b10af81582c66fa173d
13324fd7d55ac3c545051632411a5bd4871a79127c2bdb62f6489773e1f496fd
1405305a6c7e58b1bcf4d749acdb0e76c8d90bd6c382c12be990132a9af49a7a
146ffb8e805c3851384b42f4174318250f1eb240aba4ab52308944db5c8a626a
1749dc80450d7fb15ec9761878619b3f6433aca062b4eb7df9ac73124764bea6
1c73712d068fc38be7337ed82440f7aca4063eeaf8d812814f6310e7d96e7e32
203b948aa45cab71f786156b2e9c17462a49327aac970cb776e24d217d6fa1f9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
294681665f55ec95bc1a8366ea2aed9838d04962581d573a2d3c22a1dee442b1
328b2cea6f87441a68b4433b9dd02e66ae3143c3e58205743706d84dfc859da6
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b7269fb48372252e877fa66046d0b581be9df67f97057d3887a8b951fbe8a1
426a9888991b5a6c8c5ce1838871925ccb2ce4d38f3c278042cddb195a40fe81
4cf0498d6f16d928751dae8b235dab5e250f65d561f43e2dc20d982efac6016f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53084d7d06040355fa4d9cff83de12d2026e541894202efefb0d555dbfcc5157
5352720a5ffb778e42dbb1d4b81c975c02018dd660e1fe9c430cbf13dba78762
56d6a831ea88ed05bdab82be987d2e38d1382028c210571a89f966e1c50a53dd
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5ffe2122efc9f6a427d8cc5feeb327e4619860cca47e6e300ea08b9ba92789ea
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68b1597693eb99bfa79b38b2bba71c32a63fb49037f882079374f8adff9d8c96
6a2a2dbe0fa48f1113ca9405fe31993bdfd0ff541fc001294545f37fb7c03aa6
6a9f3c83892833387d92f857563b6f3cfdee0277cbc648a932a2718e000e9e42
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bfde5b839e39982ea64aee37f30c596b7424190f801ef459f2b2c6085d407bd
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
8055949c765c65e219aec8e387c224544044c6e38dff199de1c52d8a219addfb
86592bb158c39c7b5065884bfe5601ae7c11fcf21d271e853142756f19cadd27
88724da3173eaf855fc8b8094480d1d923f69c420107501da8d40b503163bcf2
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aea6df584f48909443e8f72428ef04fcbcf1797c69fd6965bc5a05d8f097e2e
8c8fbe682cbc379679594e07cbd1e6b7f8ff88901ba51e0275f8d92deec033a5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
95c0afe9d236bd88c9e46dd9920becccce31cf9ad471b856ca511913e18ac5b2
96aed84f370995dedd8b2f5bd0478bf2ec64dd23215fb38ce31c87f828a82fc9
a2433b2c0c0a8a3a433701b4d3371219f2fae6790a9ff1187a55f525a24f3d31
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a290f7e586ecb71d04f78a9b17f6e7276465861c7a71967cf1716116dfdf033a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ae4216bfc85c99ffd32e7745f0d7d4cd5f57b714f3a4911176b8cd78a176c97c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27c9e9e9e382b5950bc18470fab9e32c906abe84dddb369b66b8bc23b1d9b87
b8c3d13333c24c5bf6a846a59600a550c03d9a032830304756789e2859f28bc6
bbbb3c423aa395860833f2a5c2eccc3ed3664c33ef1df445ebaf35aca3d5419c
bc3d76655ffb4192823c1dcbce6530a9a0aee2a146f147b80c42ea8b0eda15a6
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c25200420baa25032e6499cf2390dc4c2b91f286ca3ecc75eecc739c9d4336a5
c40cb59c20c73b6b77ed85f2693ebafb9aab3dab9be07e23f29827aa570e7991
c72f57881ea9665da29cc614802f61a04084e06b14de9f1d79ce26273e66a991
cb8223f111e367f49b7019c6cf9a53e2c6c9452173430bccb0d418716c51ac75
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d48f7d7bc477f61c161f38835c0daaead5a64ca51be3656755d0b08c866dfcf2
d4a966050e1fa719ab9044aefb00411c3c19add886ea495ab24d52a9e0c40b6b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de8279221cec92147e41e962754da2e9667fe862dc94f192566fa7bec3d11f11
df243d05e8a30b6dc7c92454bca8717c5b334b718681e2c1cd2cd22e211da34f
e1cd800048d2f608904ca924fab770a46b85cca67de12f3795c01a4c64115df9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e561b725f991c1810c83551c3de0bb2cf15c0020d75ab93cbde33aae3a030f89
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ebe6504b6b9ce1bcf3061c42edffce6c27f0d5b6deb70e66713985156361a307
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ec86865288fdb93c7796bd6b986c78a626ee87e3624887a60f3c5fbcfbc9fca3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11d014279b87c7eccfd62edad88a4567de08a46d2caf338cf51b23b489c7d17
f25edf295a497ff09bf59b6f60213df95e90df9cb56ef3ff3927f57a4fdcfbd3

wheregoes.com Open in urlscan Pro 2606:4700:3034::6815:240d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

167 Requests

78 %HTTPS

24 %IPv6

61 Domains

85 Subdomains

60 IPs

8 Countries

1137 kBTransfer

2966 kBSize

64 Cookies

1 Outgoing links

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wheregoes.com Open in urlscan Pro
2606:4700:3034::6815:240d Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

78 %
HTTPS

24 %
IPv6

61
Domains

85
Subdomains

60
IPs

8
Countries

1137 kB
Transfer

2966 kB
Size

64
Cookies

167 HTTP transactions
5 data transactions