copyshrugemoji.com Open in urlscan Pro
13.32.158.194 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://copyshrugemoji.com/
Submission: On October 08 via manual (October 8th 2018, 4:07:18 am UTC) from NZ

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 20 HTTP transactions. The main IP is 13.32.158.194, located in Seattle, United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is copyshrugemoji.com.
TLS certificate: Issued by Amazon on January 30th 2018. Valid for: a year.

This is the only time copyshrugemoji.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.32.158.194 13.32.158.194	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
5	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 2	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1 1	199.16.156.52 199.16.156.52	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
20	11

1 13.32.158.194 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-194.fra56.r.cloudfront.net

copyshrugemoji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s28-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.16.156.52 (San Francisco, United States) 1 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	twitter.com 1 redirects platform.twitter.com syndication.twitter.com	37 KB
4	googlesyndication.com pagead2.googlesyndication.com	127 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	160 B
2	google.com 1 redirects adservice.google.com www.google.com	670 B
2	google.de adservice.google.de www.google.de	599 B
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
2	facebook.com staticxx.facebook.com www.facebook.com
1	facebook.net connect.facebook.net	64 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
1	copyshrugemoji.com copyshrugemoji.com	16 KB
20	10

	Domain	Requested by
5	platform.twitter.com	copyshrugemoji.com platform.twitter.com
4	pagead2.googlesyndication.com	copyshrugemoji.com pagead2.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	www.facebook.com	connect.facebook.net
1	syndication.twitter.com	1 redirects
1	www.google.de	copyshrugemoji.com
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	staticxx.facebook.com	connect.facebook.net
1	connect.facebook.net	copyshrugemoji.com
1	www.googletagmanager.com	copyshrugemoji.com
1	copyshrugemoji.com
20	15

This site contains no links.

Subject Issuer	Validity	Valid
copyshrugemoji.com Amazon	`2018-01-30` - `2019-02-28`	a year	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2018-09-18` - `2018-12-11`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2018-09-18` - `2018-12-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2017-12-02` - `2018-12-05`	a year	crt.sh
*.google.com Google Internet Authority G3	`2018-09-18` - `2018-12-11`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2018-09-18` - `2018-12-11`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://copyshrugemoji.com/
Frame ID: CCBFDC92F0C2BDA13A8A62F4A8999EB0
Requests: 12 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/trnHszv6jVd.js?version=42
Frame ID: B876B411FEF2D3CF128E0713D67A1EBF
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d8c3ececb2f3e7c69df1a2b5ba9241a5.html?origin=https%3A%2F%2Fcopyshrugemoji.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 49CF3BAD380852E3C46187FB049E2BFD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20181001/r20180604/zrt_lookup.html
Frame ID: F0AB09FAB0C4D4FA28272ECAEA2187CB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20181001/r20180604/show_ads_impl.js
Frame ID: 9C012C813F16235B96B150452128AA4D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.d8c3ececb2f3e7c69df1a2b5ba9241a5.en.html
Frame ID: 7F773E5572E80BF4D967E4797BE1780C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1878397330895234&output=html&h=280&slotname=5409805630&adk=3274085665&adf=854766408&w=336&lmt=1517457537&guci=1.2.0.0.2.2.0&format=336x280&url=https%3A%2F%2Fcopyshrugemoji.com%2F&flash=0&wgl=1&adsid=NT&dt=1538971627727&bpp=11&bdt=127&fdt=14&idt=81&shv=r20181001&cbv=r20180604&saldr=aa&abxe=1&correlator=6060392018627&frm=20&pv=2&ga_vid=1649696570.1538971628&ga_sid=1538971628&ga_hid=1892359674&ga_fc=0&iag=0&icsg=133640&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20195144%2C21060853%2C26835106&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1102883750&ifi=1&fsb=1&xpc=1oLFeicaQC&p=https%3A//copyshrugemoji.com&dtd=99
Frame ID: 95ED89D2907516EDADDE7AE6EE6A70E5
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: CD1F3E2E1033F9FCFC06BD514655ED8A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.11/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FtrnHszv6jVd.js%3Fversion%3D42%23cb%3Df2dc57131e0ac3%26domain%3Dcopyshrugemoji.com%26origin%3Dhttps%253A%252F%252Fcopyshrugemoji.com%252Ff1687cb8fce86bc%26relation%3Dparent.parent&container_width=42&href=https%3A%2F%2Fcopyshrugemoji.com%2F&layout=button&locale=en_US&mobile_iframe=true&sdk=joey&size=large
Frame ID: DB039A2DC54F9F3071652D6F7CE29372
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /AmazonS3/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^google_ad_/i
env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Page Statistics

20
Requests

100 %
HTTPS

79 %
IPv6

10
Domains

15
Subdomains

11
IPs

2
Countries

291 kB
Transfer

839 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://www.google-analytics.com/r/collect?v=1&_v=j70&a=1892359674&t=pageview&_s=1&dl=https%3A%2F%2Fcopyshrugemoji.com%2F&ul=en-us&de=UTF-8&dt=%E2%80%BE%5C_(%E3%83%84)_%2F%E2%80%BE%20-%20Copy%20the%20Shrug%20Emoji&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=210610361&gjid=781626146&cid=1649696570.1538971628&tid=UA-6242674-21&_gid=1829238306.1538971628&_r=1&gtm=ua1&z=877585429 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6242674-21&cid=1649696570.1538971628&jid=210610361&_gid=1829238306.1538971628&gjid=781626146&_v=j70&z=877585429 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6242674-21&cid=1649696570.1538971628&jid=210610361&_v=j70&z=877585429 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6242674-21&cid=1649696570.1538971628&jid=210610361&_v=j70&z=877585429&slf_rd=1&random=2604714029

Request Chain 17

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
copyshrugemoji.com/ 41 KB
16 KB 64ms
14ms Document
text/html 13.32.158.194
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://copyshrugemoji.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-194.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0dba362cd2a1514afc75b851a47ac4eb8e21abdd0f88b5073f785f35470a7822

Request headers

:method: GET
:authority: copyshrugemoji.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
content-type: text/html
date: Thu, 01 Feb 2018 04:07:51 GMT
last-modified: Thu, 01 Feb 2018 03:58:57 GMT
server: AmazonS3
content-encoding: gzip
age: 21513557
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3664cc1fd21a07e55327a9c256fa758a.cloudfront.net (CloudFront)
x-amz-cf-id: QuaHB-fEtRBArCETN7GnQVZxFeDqWe9SzfUMQWz6APpSLHVKJP9TLg==

GET
S 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 74 KB
28 KB 61ms
18ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: copyshrugemoji.com
URL: https://copyshrugemoji.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

989ce248c12d71473f0c8989d3204904d4c196a09bb83aa37a2601651d4e1eab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://copyshrugemoji.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 08 Oct 2018 04:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27992
x-xss-protection: 1; mode=block
server: cafe
etag: 17927252316649820248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 08 Oct 2018 04:07:07 GMT

GET
S 200 js Show response
www.googletagmanager.com/gtag/ 79 KB
28 KB 53ms
53ms Script
application/javascript 2a00:1450:4001:81d::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-6242674-21

Requested by

Host: copyshrugemoji.com
URL: https://copyshrugemoji.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

4759ab44f828cd10a3245699361d310f89d93a08bd96887c28559a9dc74815a4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://copyshrugemoji.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 08 Oct 2018 04:07:07 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 28974
x-xss-protection: 1; mode=block
expires: Mon, 08 Oct 2018 04:07:07 GMT

GET
S 200 sdk.js Show response
connect.facebook.net/en_US/ 212 KB
64 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: copyshrugemoji.com
URL: https://copyshrugemoji.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

e0a3e6b3ac2180e9ea81251115b4b9fb6a29e7f598a3477a37474d36114d14f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://copyshrugemoji.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BOZc1EtjIbunLcrzdCsmwA==
status: 200
content-length: 65704
x-xss-protection: 0
x-fb-debug: qY0oP3HOSP0NFoRFEqQenXMGsN2MklMqhgzzwhnK9vVYOGDwGXYioW8HQZsSvJsTTJ6EDqQGq1YdcVrBIyq8lw==
x-fb-content-md5: ba13fbe64b87476420b36207bc03582a
x-frame-options: DENY
date: Mon, 08 Oct 2018 04:07:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "ac54125a693b2c2cb220b5baf6829515"
timing-allow-origin: *
expires: Mon, 08 Oct 2018 04:18:41 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 118 KB
35 KB 20ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: copyshrugemoji.com
URL: https://copyshrugemoji.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DE) /
Resource Hash: be8dcda1ab33ae50b2a9e5ae68529da965645db08723187179910e9b5ac9ad8a

Request headers

Referer: https://copyshrugemoji.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Oct 2018 04:07:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Oct 2018 19:40:00 GMT
Server: ECS (fcn/40DE)
Etag: "4370d1e1a7c150b8cb6f202e24fd6d84+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Content-Length: 35356

GET
H2 200 trnHszv6jVd.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame B876 0
0 32ms
6ms Document
text/html 2a03:2880:f01c:216:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/trnHszv6jVd.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/trnHszv6jVd.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://copyshrugemoji.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://copyshrugemoji.com/

Response headers

status: 200
expires: Sun, 06 Oct 2019 03:25:24 GMT
cache-control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: DRFQxUSON8R/bWPwNesyxmQisLgSWvZemJj5QwJH5sC+f201A5ToMkmS9j4WVTynSaDlfbMs6DibG9zNS4kjWQ==
content-length: 14166
date: Mon, 08 Oct 2018 04:07:07 GMT

GET
H/1.1 200
OK widget_iframe.d8c3ececb2f3e7c69df1a2b5ba9241a5.html
platform.twitter.com/widgets/ Frame 49CF 0
0 14ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d8c3ececb2f3e7c69df1a2b5ba9241a5.html?origin=https%3A%2F%2Fcopyshrugemoji.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AD) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://copyshrugemoji.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://copyshrugemoji.com/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 08 Oct 2018 04:07:07 GMT
Etag: "e3ed684480c273645854c25215f7a43c+gzip"
Last-Modified: Thu, 04 Oct 2018 19:39:02 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41AD)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5879

GET
H/1.1 200
OK button.3ebb4253c7cb2cc3c9eaac42044fc82c.js Show response
platform.twitter.com/js/ 4 KB
2 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.3ebb4253c7cb2cc3c9eaac42044fc82c.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4194) /
Resource Hash: 88b74fc1273d791411862278b6a6e282a7086f0e7a6a9a450edc6a2c1c26d6ee

Request headers

Referer: https://copyshrugemoji.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Mon, 08 Oct 2018 04:07:07 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Oct 2018 19:38:55 GMT
Server: ECS (fcn/4194)
Etag: "319271f510c69e13eb1ef42e5aa76c1d+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=315360000
Content-Type: application/javascript; charset=utf-8
Content-Length: 1395

GET
S 200 analytics.js Show response
www.google-analytics.com/ 42 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81d::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6242674-21

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

316fe2ef7b6caac81936e79571e2e0b742200f1c5b0e02d6bdeeb375eb419026

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://copyshrugemoji.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Oct 2018 17:56:18 GMT
server: Golfe2
age: 5868
date: Mon, 08 Oct 2018 02:29:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 17285
expires: Mon, 08 Oct 2018 04:29:19 GMT

GET
S 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
490 B 61ms
14ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=copyshrugemoji.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://copyshrugemoji.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Oct 2018 04:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
490 B 60ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=copyshrugemoji.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://copyshrugemoji.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 08 Oct 2018 04:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 104
x-xss-protection: 1; mode=block

GET
S 200 ca-pub-1878397330895234.js Show response
pagead2.googlesyndication.com/pub-config/r20160913/ 133 B
277 B 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pub-config/r20160913/ca-pub-1878397330895234.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

ad3f5743027d58f0c5e8b2f074edc3fb50e776ddecdb8a90531fd30407d6ff48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://copyshrugemoji.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 07 Oct 2018 17:22:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Oct 2018 01:36:33 GMT
server: sffe
age: 38673
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=43200
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 125
x-xss-protection: 1; mode=block
expires: Mon, 08 Oct 2018 05:22:34 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20181001/r20180604/ Frame F0AB 0
0 6ms
6ms Document
text/html 172.217.18.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20181001/r20180604/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20181001/r20180604/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://copyshrugemoji.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://copyshrugemoji.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 02 Oct 2018 12:23:31 GMT
expires: Tue, 16 Oct 2018 12:23:31 GMT
content-type: text/html; charset=UTF-8
etag: 12810928231326100212
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6940
x-xss-protection: 1; mode=block
cache-control: public, max-age=1209600
age: 488616
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"

GET
S 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20181001/r20180604/ Frame 9C01 196 KB
73 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181001/r20180604/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

41493b348fa58a7336470f75b078d7112cabeb329f1c695338ac0ecdd0da5651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://copyshrugemoji.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 08 Oct 2018 04:07:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 74347
x-xss-protection: 1; mode=block
server: cafe
etag: 666384049943747943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Oct 2018 04:07:07 GMT

GET
H/1.1 200
OK tweet_button.d8c3ececb2f3e7c69df1a2b5ba9241a5.en.html
platform.twitter.com/widgets/ Frame 7F77 0
0 10ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/tweet_button.d8c3ececb2f3e7c69df1a2b5ba9241a5.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41D7) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://copyshrugemoji.com/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://copyshrugemoji.com/

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 08 Oct 2018 04:07:07 GMT
Etag: "b9dedebc3b47985b9b89e6956de94e11+gzip"
Last-Modified: Thu, 04 Oct 2018 19:39:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41D7)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 12561

GET
S

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j70&a=1892359674&t=pageview&_s=1&dl=https%3A%2F%2Fcopyshrugemoji.com%2F&ul=en-us&de=UTF-8&dt=%E2%80%BE%5C_(%E3%83%84)_%2F%E2%80%BE%20-%20Copy%20the...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6242674-21&cid=1649696570.1538971628&jid=210610361&_gid=1829238306.1538971628&gjid=781626146&_v=j70&z=877585429
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6242674-21&cid=1649696570.1538971628&jid=210610361&_v=j70&z=877585429
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6242674-21&cid=1649696570.1538971628&jid=210610361&_v=j70&z=877585429&slf_rd=1&random=2604714029

42 B
109 B

19ms
18ms

Image
image/gif

2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6242674-21&cid=1649696570.1538971628&jid=210610361&_v=j70&z=877585429&slf_rd=1&random=2604714029

Requested by

Host: copyshrugemoji.com
URL: https://copyshrugemoji.com/

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:806::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://copyshrugemoji.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Oct 2018 04:07:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 08 Oct 2018 04:07:07 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-6242674-21&cid=1649696570.1538971628&jid=210610361&_v=j70&z=877585429&slf_rd=1&random=2604714029
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 95ED 0
0 187ms
186ms Document
text/html 172.217.18.2
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1878397330895234&output=html&h=280&slotname=5409805630&adk=3274085665&adf=854766408&w=336&lmt=1517457537&guci=1.2.0.0.2.2.0&format=336x280&url=https%3A%2F%2Fcopyshrugemoji.com%2F&flash=0&wgl=1&adsid=NT&dt=1538971627727&bpp=11&bdt=127&fdt=14&idt=81&shv=r20181001&cbv=r20180604&saldr=aa&abxe=1&correlator=6060392018627&frm=20&pv=2&ga_vid=1649696570.1538971628&ga_sid=1538971628&ga_hid=1892359674&ga_fc=0&iag=0&icsg=133640&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20195144%2C21060853%2C26835106&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1102883750&ifi=1&fsb=1&xpc=1oLFeicaQC&p=https%3A//copyshrugemoji.com&dtd=99

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181001/r20180604/show_ads_impl.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

172.217.18.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1878397330895234&output=html&h=280&slotname=5409805630&adk=3274085665&adf=854766408&w=336&lmt=1517457537&guci=1.2.0.0.2.2.0&format=336x280&url=https%3A%2F%2Fcopyshrugemoji.com%2F&flash=0&wgl=1&adsid=NT&dt=1538971627727&bpp=11&bdt=127&fdt=14&idt=81&shv=r20181001&cbv=r20180604&saldr=aa&abxe=1&correlator=6060392018627&frm=20&pv=2&ga_vid=1649696570.1538971628&ga_sid=1538971628&ga_hid=1892359674&ga_fc=0&iag=0&icsg=133640&dssz=15&mdo=0&mso=0&u_tz=0&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20195144%2C21060853%2C26835106&oid=3&rx=0&eae=0&fc=528&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&ppjl=u&pfx=0&fu=16&bc=7&osw_key=1102883750&ifi=1&fsb=1&xpc=1oLFeicaQC&p=https%3A//copyshrugemoji.com&dtd=99
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://copyshrugemoji.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://copyshrugemoji.com/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 08 Oct 2018 04:07:08 GMT
server: cafe
cache-control: private
content-length: 20222
x-xss-protection: 1; mode=block
set-cookie: test_cookie=CheckForPermission; expires=Mon, 08-Oct-2018 04:22:07 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
expires: Mon, 08 Oct 2018 04:07:08 GMT

GET
S 200 osd.js Show response
pagead2.googlesyndication.com/pagead/js/r20181001/r20180604/ 73 KB
27 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20181001/r20180604/osd.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20181001/r20180604/show_ads_impl.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:80b::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

529c1cbb7d45d75e314a6a272b60becbe6292596f223aaa5031bfee18e5de18c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://copyshrugemoji.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 02 Oct 2018 12:23:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length: 27075
x-xss-protection: 1; mode=block
server: cafe
etag: 4419814973199397027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Oct 2018 12:23:32 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame CD1F
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4197) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Mon, 08 Oct 2018 04:07:08 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Thu, 04 Oct 2018 19:40:00 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4197)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Mon, 08 Oct 2018 04:07:08 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Mon, 08 Oct 2018 04:07:08 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_b
strict-transport-security: max-age=631138519
x-connection-hash: 20c2968765e521e076ea4714fdd347b8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 8
x-transaction: 00260206005dcd77
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H2 200 share_button.php
www.facebook.com/v2.11/plugins/ Frame DB03 0
0 58ms
56ms Document
text/html 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.11/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FtrnHszv6jVd.js%3Fversion%3D42%23cb%3Df2dc57131e0ac3%26domain%3Dcopyshrugemoji.com%26origin%3Dhttps%253A%252F%252Fcopyshrugemoji.com%252Ff1687cb8fce86bc%26relation%3Dparent.parent&container_width=42&href=https%3A%2F%2Fcopyshrugemoji.com%2F&layout=button&locale=en_US&mobile_iframe=true&sdk=joey&size=large

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.11/plugins/share_button.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fconnect%2Fxd_arbiter%2Fr%2FtrnHszv6jVd.js%3Fversion%3D42%23cb%3Df2dc57131e0ac3%26domain%3Dcopyshrugemoji.com%26origin%3Dhttps%253A%252F%252Fcopyshrugemoji.com%252Ff1687cb8fce86bc%26relation%3Dparent.parent&container_width=42&href=https%3A%2F%2Fcopyshrugemoji.com%2F&layout=button&locale=en_US&mobile_iframe=true&sdk=joey&size=large
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://copyshrugemoji.com/
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://copyshrugemoji.com/

Response headers

status: 200
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v2.11
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
cache-control: private, no-cache, no-store, must-revalidate
timing-allow-origin: *
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expect-ct: max-age=86400, report-uri="http://reports.fb.com/expectct/"
pragma: no-cache
x-xss-protection: 0
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset="utf-8"
x-fb-debug: a0u8lgVueNRCKzXu4n5NjiX8CYHvaG56c8ruO+3t9CwdDiNM9mrtPiu1nuipwTweWOyH167rgz9+astK/oreQQ==
date: Mon, 08 Oct 2018 04:07:08 GMT

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 13:00:43	Name: IDE Value: AHWqTUn2QVbTCkIoLRQJ1yytNiaZKYUrF59iKG8HI-6KQ6x6W_Ic5y6F5YU8VJFb
.copyshrugemoji.com/	1970-01-18 19:29:31	Name: _gat_gtag_UA_6242674_21 Value: 1
.copyshrugemoji.com/	1970-01-18 19:30:58	Name: _gid Value: GA1.2.1829238306.1538971628
.copyshrugemoji.com/	1970-01-19 13:00:43	Name: _ga Value: GA1.2.1649696570.1538971628

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
connect.facebook.net
copyshrugemoji.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
platform.twitter.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.32.158.194
172.217.18.2
199.16.156.52
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:81d::2008
2a00:1450:4001:81d::200e
2a00:1450:4001:821::2002
2a00:1450:400c:c00::9c
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0dba362cd2a1514afc75b851a47ac4eb8e21abdd0f88b5073f785f35470a7822
316fe2ef7b6caac81936e79571e2e0b742200f1c5b0e02d6bdeeb375eb419026
41493b348fa58a7336470f75b078d7112cabeb329f1c695338ac0ecdd0da5651
4759ab44f828cd10a3245699361d310f89d93a08bd96887c28559a9dc74815a4
529c1cbb7d45d75e314a6a272b60becbe6292596f223aaa5031bfee18e5de18c
88b74fc1273d791411862278b6a6e282a7086f0e7a6a9a450edc6a2c1c26d6ee
989ce248c12d71473f0c8989d3204904d4c196a09bb83aa37a2601651d4e1eab
ad3f5743027d58f0c5e8b2f074edc3fb50e776ddecdb8a90531fd30407d6ff48
be8dcda1ab33ae50b2a9e5ae68529da965645db08723187179910e9b5ac9ad8a
e0a3e6b3ac2180e9ea81251115b4b9fb6a29e7f598a3477a37474d36114d14f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

copyshrugemoji.com Open in urlscan Pro 13.32.158.194 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

79 %IPv6

10 Domains

15 Subdomains

11 IPs

2 Countries

291 kBTransfer

839 kBSize

4 Cookies

0 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

4 Cookies

Indicators

copyshrugemoji.com Open in urlscan Pro
13.32.158.194 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

79 %
IPv6

10
Domains

15
Subdomains

11
IPs

2
Countries

291 kB
Transfer

839 kB
Size

4
Cookies

20 HTTP transactions
0 data transactions