start.waldo.fyi Open in urlscan Pro
3.126.202.50  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response start.waldo.fyi/research_lp/	53 KB 8 KB	122ms 16ms	Document text/html	3.126.202.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-126-202-50.eu-central-1.compute.amazonaws.com Software / Resource Hash 4542013c641540ea28b3886d91aa9b2641dcac0d3680aa898d4a0ba4231afd70 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers connection close content-encoding gzip content-location https://start.waldo.fyi/research_lp/ content-type text/html; charset=UTF-8 date Wed, 22 Jun 2022 08:36:23 GMT etag "a:f805a1e3c4871432d1e696d14423d2d6" last-modified Fri, 10 Jun 2022 18:56:21 GMT link <https://start.waldo.fyi/research_lp/>; rel="canonical" p3p CP="This is not a privacy policy." transfer-encoding chunked x-proxy-backend page-server x-unbounce-pageid 5003cbd5-ae82-440e-beef-2c894a2b1c54 x-unbounce-variant a x-unbounce-visitorid 486da800-23ef-47d7-9989-b32572c49278
GET H2	200	main-7b78720.z.css builder-assets.unbounce.com/published-css/	15 KB 3 KB	36ms 7ms	Stylesheet text/css	143.204.89.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-css/main-7b78720.z.css Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.89.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-45.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863 Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Sat, 05 Feb 2022 01:12:18 GMT content-encoding gzip last-modified Tue, 18 Jan 2022 22:28:54 GMT server AmazonS3 age 11863447 etag "43729a62fb549c1f6784cd5cc32082e0" x-cache Hit from cloudfront x-amz-version-id kJDetr_gaa4mXuLbtL4sIGZNSy2Uu.RY via 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type text/css content-length 2902 x-amz-cf-id i50Nlz9g4gcDcexOqYWE3muB2cQlF9o_SlpBroEJzAYUtH0xuXxpyw==
GET H2	200	ub.js Show response d34qb8suadcc4g.cloudfront.net/	5 KB 2 KB	25ms 8ms	Script application/javascript	2600:9000:2156:8800:1d:11cf:5800:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266 Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:8800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4 Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 05 May 2022 12:14:08 GMT content-encoding gzip last-modified Thu, 15 Apr 2021 19:15:08 GMT server AmazonS3 age 4134137 etag "f6420c864830b5860bfaadd47a2bb21b" x-cache Hit from cloudfront x-amz-version-id bKC28ufbc849z_LglraHgQe9TbPw1SIU via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type application/javascript content-length 1856 x-amz-cf-id b6PI4KGRIEzTtN_O5zVWWeq_nxxSHBwc4_q06HKVFQC4PrOAUA947g==
GET H2	200	main.bundle-7a80b17.z.js Show response builder-assets.unbounce.com/published-js/	103 KB 33 KB	9ms 8ms	Script application/javascript	143.204.89.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.89.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-89-45.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 7a80b17346ad96acb74876b1c792e1706cdfdb5e17ce3bc028ee6e832bdfd962 Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Wed, 11 May 2022 15:50:20 GMT content-encoding gzip last-modified Wed, 11 May 2022 15:25:07 GMT server AmazonS3 age 3602765 etag "115451db447a15fd94ca1eec82178c7c" x-cache Hit from cloudfront x-amz-version-id hO9WFSZalI7CFVogzNPJaI4zzDMeqqnQ via 1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type application/javascript content-length 33491 x-amz-cf-id PaZhhVO2qylHvEhoihxoo_U1N5ITYyOFH-05Ox62Am72AgB9fcqM-g==
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	29ms 6ms	Script text/javascript	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 5495 date Wed, 22 Jun 2022 07:04:49 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Wed, 22 Jun 2022 09:04:49 GMT
GET H2	404	gtm.js www.googletagmanager.com/	0 0	38ms 15ms	Script text/html	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=%20GTM-PNTWHJZ Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers
GET DATA	200 OK	truncated /	42 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	sp-2.14.0.js Show response d34qb8suadcc4g.cloudfront.net/	98 KB 30 KB	8ms 8ms	Script application/javascript	2600:9000:2156:8800:1d:11cf:5800:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js Requested by Host: d34qb8suadcc4g.cloudfront.net URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:8800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Mon, 23 May 2022 06:02:31 GMT content-encoding gzip last-modified Wed, 04 Nov 2020 01:35:32 GMT server AmazonS3 age 2601234 etag "73de733c308b8b5e44d2a6242dc4bd99" x-cache Hit from cloudfront x-amz-version-id rVTqklA1qqyT_0VdOCY323BKPISR0uej via 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type application/javascript content-length 30399 x-amz-cf-id 1SHAvdbtcjsNK0rUehA0EQLJsU8PYS9vEHXmGWr1JubJDsNhRAHuDQ==
GET BLOB	200 OK	8d8f78b2-9cad-492c-a933-f70b43dfdff5 https://start.waldo.fyi/	5 KB 0		Stylesheet text/css
General Check archive.org Show headers Download Go to Full URL blob:https://start.waldo.fyi/8d8f78b2-9cad-492c-a933-f70b43dfdff5 Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers Content-Length 5603 Content-Type text/css
GET H2	200	css fonts.googleapis.com/	7 KB 1 KB	42ms 16ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CSource+Sans+Pro:italic%7CArvo:italic%7CLato:regular Requested by Host: builder-assets.unbounce.com URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b0dc857f0259e4e969a66ab301a52d36c92258475fe98fb28a23783273b7a5de Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Wed, 22 Jun 2022 08:36:24 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Wed, 22 Jun 2022 08:36:24 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Wed, 22 Jun 2022 08:36:24 GMT
GET H2	200	888cd57a-waldo-logo-white_103v010000000000000028.png d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/	1 KB 2 KB	36ms 10ms	Image image/png	143.204.101.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/888cd57a-waldo-logo-white_103v010000000000000028.png Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.182 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-182.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash f39775f1f32e83311ed940e1607da40b095fafa65d2f1929721f1aac301f6f4b Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 11:30:38 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) last-modified Fri, 10 Jun 2022 18:56:21 GMT server AmazonS3 age 75946 etag "72a11ad5edc2ad213086494336773faf" x-cache Hit from cloudfront x-amz-version-id Hbb2RakkfH5xmTdhslc1d4QrcLNHgA4W cache-control max-age=31557600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 1465 x-amz-cf-id oYxzLkU2QdgWtTlmn5MVi98wQY5s6WDSbXCG3x0PXfPpc4F4P3WXMg==
GET H2	200	0196f7f9-waldo-logo_103400t000000000000028.png d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/	1022 B 1 KB	35ms 9ms	Image image/png	143.204.101.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/0196f7f9-waldo-logo_103400t000000000000028.png Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.182 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-182.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 64bdfcb0abd313c0a947a3987c8c50f7e594d7282fb3c952109265eafe9593b4 Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 03:00:19 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) last-modified Fri, 10 Jun 2022 18:56:21 GMT server AmazonS3 age 106566 etag "9d9e235e2d7d9cca33b359941bf9140c" x-cache Hit from cloudfront x-amz-version-id nd.MfBg3oAxCd5QY93LP1LNZNQzoqzTS cache-control max-age=31557600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 1022 x-amz-cf-id gpUhNa7CEuD0LzQ9YfjKE5KhXrCXsJGS03WDDBYSEsknrg3fqgooqg==
GET H2	200	123ece73-folder_1018018000000000000028.png d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/	506 B 897 B	38ms 12ms	Image image/png	143.204.101.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/123ece73-folder_1018018000000000000028.png Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.182 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-182.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash e15876ba9db6c73c94088a22315b26d5384dc93b6db9966647c2c003e8ca1ab3 Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 03:00:18 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) last-modified Fri, 10 Jun 2022 18:56:21 GMT server AmazonS3 age 106566 etag "b6b9ebe4f01dc5272cfae5618dd0ee75" x-cache Hit from cloudfront x-amz-version-id x.k3U.C5yeZMPBxRMDuu0BR7WkWKTJeE cache-control max-age=31557600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 506 x-amz-cf-id 7WnGy9TngShhRtxibqtcPl9IX_FbgQqbCjoAuPUpdYEu0m6pqnb9ag==
GET H2	200	8163fd25-love_1012012000000000000028.png d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/	584 B 975 B	36ms 11ms	Image image/png	143.204.101.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/8163fd25-love_1012012000000000000028.png Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.182 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-182.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 92ec3a9b5d9bc2a8fb8abd04f3316261acf0f3f717f05dc63bc095f91eb8b095 Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 03:00:18 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) last-modified Fri, 10 Jun 2022 18:56:21 GMT server AmazonS3 age 106566 etag "ce4d16a0a075094dcd6e98ba04a0cf1b" x-cache Hit from cloudfront x-amz-version-id TAjVqaC8TAJiUv2L_eJf6doLxZcdXkAk cache-control max-age=31557600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 584 x-amz-cf-id Y9ntMUg433BXM6hP-rGF2zZ234N62q9YJ7suMTjPNtaX5hijytlTxw==
GET H2	200	5b90f216-textio_102l01d000000000000028.png d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/	866 B 1 KB	38ms 13ms	Image image/png	143.204.101.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/5b90f216-textio_102l01d000000000000028.png Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.182 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-182.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 25003de693aabb38f4bd8c293f4d515420ee4b711763712e76add0778c4b3c6b Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 03:00:18 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) last-modified Fri, 10 Jun 2022 18:56:21 GMT server AmazonS3 age 106566 etag "7b2838c0b9f1f0ce43649926389b7fce" x-cache Hit from cloudfront x-amz-version-id 54N5ELOQ3hMfda7.R4FvHfpuG7w4fRyS cache-control max-age=31557600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 866 x-amz-cf-id Afk5Xs4MYz3cVh-J_PWRYYcvKHInzFjmlKfgTfsX4kJBHlJjZPPc5w==
GET H2	200	5e58a377-cox_108304807b04800g000028.png d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/	3 KB 3 KB	37ms 12ms	Image image/png	143.204.101.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/5e58a377-cox_108304807b04800g000028.png Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.182 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-182.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash eea5e230d98e10967645cd286805c194fec3a750c7ec9c3c202307f4297f5123 Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 03:00:18 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) last-modified Fri, 10 Jun 2022 18:56:21 GMT server AmazonS3 age 106566 etag "5a5a696336f254b042417d4921041d12" x-cache Hit from cloudfront x-amz-version-id jJMcRpy2_TeYbFp6pQ9_TbiIXLi_Q4Zy cache-control max-age=31557600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 3097 x-amz-cf-id 4KK8KXmbJmge7Yh_xu4q6L7u8LMbx6lBBBY2CnsXKDVh8ied97DQow==
GET H2	200	5c522ac2-mck_108a02j000000000000028.png d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/	4 KB 5 KB	13ms 12ms	Image image/png	143.204.101.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/5c522ac2-mck_108a02j000000000000028.png Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.182 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-182.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 8c621805198fcdf1fd712edb9671483c42459819342e947824b8d21cd49617d2 Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 03:00:19 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) last-modified Fri, 10 Jun 2022 18:56:21 GMT server AmazonS3 age 106566 etag "d80c807056603814a65e113faeb7bc5b" x-cache Hit from cloudfront x-amz-version-id .CzUuPLjfGHYYKZ47JTFEKcR0xXs8skn cache-control max-age=31557600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 4431 x-amz-cf-id -ucj-GT360_0sivNa3W-Li1Irg4BL1Xp5KgUSwRf9aJbfduSnzw7rg==
GET H2	200	ab0a0b80-arrow_1018018000000000000028.png d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/	434 B 825 B	12ms 11ms	Image image/png	143.204.101.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/ab0a0b80-arrow_1018018000000000000028.png Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.182 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-182.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash fcfd437feb73f0c7109ae8227967e93e639c8f7b740e25bc384e2b2bc01b8f13 Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 03:00:19 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) last-modified Fri, 10 Jun 2022 18:56:21 GMT server AmazonS3 age 106566 etag "2a1b0a29eb7be01c723b6542e036b2eb" x-cache Hit from cloudfront x-amz-version-id 4k15EZyH2Jx6BY1DoacxowiguvycSFJj cache-control max-age=31557600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 434 x-amz-cf-id otwZxnkRO-7LhuJRFrVbM4W5_N_vksOmfIsaPPOkx5Sglicges3TUw==
GET H2	200	ecaf6d7c-idea_1013013000000000000028.png d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/	550 B 941 B	12ms 11ms	Image image/png	143.204.101.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/ecaf6d7c-idea_1013013000000000000028.png Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.182 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-182.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 0a5ccbcfde82540dd50d800f4565fc2e27e9bdd271cf5526bfa445924a11cb9e Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 03:00:19 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) last-modified Fri, 10 Jun 2022 18:56:21 GMT server AmazonS3 age 106566 etag "a1ba14487783e14cecef223241c27f73" x-cache Hit from cloudfront x-amz-version-id bvJbpokwYjLUmwNiAsYWH03ack9434Qd cache-control max-age=31557600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 550 x-amz-cf-id fzSAtskgPxgMtHKJYwqqjkWEHt9_Ydh_wM_hoLvop4G9cujIoFX1vg==
GET H2	200	7234cff4-meta-logo_102b00v000000000000028.png d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/	786 B 1 KB	14ms 13ms	Image image/png	143.204.101.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/7234cff4-meta-logo_102b00v000000000000028.png Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.182 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-182.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash aec83331dda135def59bbdaad81a815bfb0b46e2f96c41af7886322a73c209e1 Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 03:00:19 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) last-modified Fri, 10 Jun 2022 18:56:21 GMT server AmazonS3 age 106566 etag "ba153e420f6ef64bbf903a74fd7083d5" x-cache Hit from cloudfront x-amz-version-id 42E92Tv4FXN_7e31geeqk1kFKB_xne6_ cache-control max-age=31557600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 786 x-amz-cf-id z-AM7Kdrs81a_IxzUBbPA87VL1FyJHtDCin1goVp4P0hT7OmBY3bXg==
GET H2	200	6643a81e-bloomberg-logo_103p01e000000000000028.png d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/	1 KB 1 KB	13ms 12ms	Image image/png	143.204.101.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/6643a81e-bloomberg-logo_103p01e000000000000028.png Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.182 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-182.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash d19d1df12e748f61075b4d4efa3396577e7a21e924e741e060d02645997d0662 Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 03:00:19 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) last-modified Fri, 10 Jun 2022 18:56:21 GMT server AmazonS3 age 106566 etag "99e014db102e3e5c940852f80e8f73dc" x-cache Hit from cloudfront x-amz-version-id hX0ts61gNcIT4r3gqcLCICuVV2AUjEpp cache-control max-age=31557600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 1121 x-amz-cf-id q6ti21LJtoRB8OFqeHrs_6UETotqTaobDSU_5TcYflHVdKcb4u-eMA==
GET H2	200	d2dd3b1d-penn-logo_101z00r000000000000028.png d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/	546 B 938 B	14ms 14ms	Image image/png	143.204.101.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/d2dd3b1d-penn-logo_101z00r000000000000028.png Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.182 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-182.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash a4be783d27e91707023ecf7cdca73441e0b6ebfa00c4a446fcd9c8ea353e1886 Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 03:00:19 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) last-modified Fri, 10 Jun 2022 18:56:21 GMT server AmazonS3 age 106566 etag "f1b1f891cb4d41fbf0ec782c0e9cc6a0" x-cache Hit from cloudfront x-amz-version-id pIQ3.AwQsbViRUqOH3O_ONP.PEYpJK68 cache-control max-age=31557600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 546 x-amz-cf-id PtOIrzGHOwRtzPt1tJbhtM-k05KXtTaQUqf7_h7lj8LrNM_1-ubdYw==
GET H2	200	f1a667b9-stanford-logo_1033015000000000000028.png d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/	1 KB 2 KB	15ms 14ms	Image image/png	143.204.101.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/f1a667b9-stanford-logo_1033015000000000000028.png Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.182 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-182.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash 41e6e658d7a0ac2d5920b575878e44b1a11ddd44240d73700a798515da11085b Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 03:00:19 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) last-modified Fri, 10 Jun 2022 18:56:21 GMT server AmazonS3 age 106566 etag "e663d7d8dbce3d84fee68f943786cfa6" x-cache Hit from cloudfront x-amz-version-id g57TL34oCMrdAgTw2Cnpx.H.m1zhIxwM cache-control max-age=31557600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 1155 x-amz-cf-id pIV3bv7LBPJlApEEHQCqxQ6ASFujg8LSEAjt-IMUNv_HthpIixIeLA==
GET H2	200	a90d8afa-unilever-logo_103b019000000000000028.png d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/	2 KB 2 KB	16ms 15ms	Image image/png	143.204.101.182 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/a90d8afa-unilever-logo_103b019000000000000028.png Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.101.182 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-101-182.fra50.r.cloudfront.net Software AmazonS3 / Resource Hash a2b5ab7172c0d94a3d318c18721d373d45088b2750381f209e8cc042cbf96469 Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 03:00:19 GMT via 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront) last-modified Fri, 10 Jun 2022 18:56:21 GMT server AmazonS3 age 106566 etag "31d9f916773408968511a61a1a4fe843" x-cache Hit from cloudfront x-amz-version-id gcEGuRhHvb2gon5ocsVvB1G2GpbfDjOx cache-control max-age=31557600 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-type image/png content-length 1592 x-amz-cf-id gcBqJLGlAkJQMavM8mZLpyn0yyUSqC1IorXWwj4uoT-dPnlT3vaDDw==
POST H2	200	collect Show response www.google-analytics.com/j/	2 B 207 B	14ms 13ms	XHR text/plain	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=305394524&t=pageview&_s=1&dl=https%3A%2F%2Fstart.waldo.fyi%2Fresearch_lp%2F%3Futm_campaign%3Dcore1exp8%26utm_medium%3Demail%26utm_source%3Dapollo&dp=%2Fresearch_lp%2Fa%3Futm_campaign%3Dcore1exp8%26utm_medium%3Demail%26utm_source%3Dapollo&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=413597680&gjid=833544822&cid=1270244473.1655886984&tid=UA-202760123-1&_gid=2009801920.1655886984&_r=1&_slc=1&z=201530267 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://start.waldo.fyi/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Wed, 22 Jun 2022 08:36:24 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://start.waldo.fyi cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	i events.ub-analytics.com/	43 B 245 B	302ms 99ms	Image image/gif	3.208.238.83 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://events.ub-analytics.com/i?stm=1655886984155&e=pv&url=https%3A%2F%2Fstart.waldo.fyi%2Fresearch_lp%2F%3Futm_campaign%3Dcore1exp8%26utm_medium%3Demail%26utm_source%3Dapollo&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=a985d0d0-c6f0-4030-b838-adaa420d3e92&dtm=1655886984153&vp=1600x1200&ds=1600x2494&vid=1&sid=1fda0456-5831-41de-a23e-208b123fac10&duid=5950f4ef-b294-469a-ae2b-9ca141173e2a&uid=486da800-23ef-47d7-9989-b32572c49278&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNTAwM2NiZDUtYWU4Mi00NDBlLWJlZWYtMmM4OTRhMmIxYzU0IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0 Requested by Host: start.waldo.fyi URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.208.238.83 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-208-238-83.compute-1.amazonaws.com Software akka-http/10.0.9 / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers access-control-allow-origin * date Wed, 22 Jun 2022 08:36:24 GMT access-control-allow-credentials true server akka-http/10.0.9 p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA" content-length 43 content-type image/gif
GET H2	200	u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 fonts.gstatic.com/s/cabin/v24/	26 KB 26 KB	40ms 17ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/cabin/v24/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CSource+Sans+Pro:italic%7CArvo:italic%7CLato:regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 832a9f68685073e8318db12a164566b0baedc599bdf72cca29f9a4c188506053 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://start.waldo.fyi accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Thu, 16 Jun 2022 21:16:34 GMT x-content-type-options nosniff age 472790 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 26244 x-xss-protection 0 last-modified Thu, 21 Apr 2022 17:32:02 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 16 Jun 2023 21:16:34 GMT
GET H2	200	jizaRExUiTo99u79D0KExQ.woff2 fonts.gstatic.com/s/ptsans/v17/	44 KB 44 KB	35ms 14ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CSource+Sans+Pro:italic%7CArvo:italic%7CLato:regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://start.waldo.fyi accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Wed, 15 Jun 2022 19:26:32 GMT x-content-type-options nosniff age 565792 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45300 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 15 Jun 2023 19:26:32 GMT
GET H2	200	tDbN2oWUg0MKqSIg75Tv.woff2 fonts.gstatic.com/s/arvo/v20/	17 KB 17 KB	39ms 21ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/arvo/v20/tDbN2oWUg0MKqSIg75Tv.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CSource+Sans+Pro:italic%7CArvo:italic%7CLato:regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f4f6eb6108318d28f97fb6aa700ad42c8d021f1135ef332efed037eb5cc56a60 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://start.waldo.fyi accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Wed, 15 Jun 2022 10:06:47 GMT x-content-type-options nosniff age 599377 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16932 x-xss-protection 0 last-modified Tue, 19 Apr 2022 18:53:24 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 15 Jun 2023 10:06:47 GMT
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 24 KB	26ms 8ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CSource+Sans+Pro:italic%7CArvo:italic%7CLato:regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://start.waldo.fyi accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Tue, 21 Jun 2022 17:07:14 GMT x-content-type-options nosniff age 55750 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23580 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 21 Jun 2023 17:07:14 GMT
GET H2	200	6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2 fonts.gstatic.com/s/sourcesanspro/v21/	12 KB 12 KB	33ms 22ms	Font font/woff2	2a00:1450:4001:80b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CSource+Sans+Pro:italic%7CArvo:italic%7CLato:regular Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://start.waldo.fyi accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers date Wed, 15 Jun 2022 20:15:42 GMT x-content-type-options nosniff age 562842 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12580 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:19:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 15 Jun 2023 20:15:42 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 7ms	Image image/gif	2a00:1450:4001:827::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=305394524&t=timing&_s=2&dl=https%3A%2F%2Fstart.waldo.fyi%2Fresearch_lp%2F%3Futm_campaign%3Dcore1exp8%26utm_medium%3Demail%26utm_source%3Dapollo&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=604&pdt=2&dns=90&rrt=0&srt=15&tcp=16&dit=222&clt=222&_gst=166&_gbt=254&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1270244473.1655886984&tid=UA-202760123-1&_gid=2009801920.1655886984&z=991216279 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://start.waldo.fyi/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36 Response headers pragma no-cache date Tue, 21 Jun 2022 23:32:15 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 32649 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| ub string| GoogleAnalyticsObject function| ga object| eventTracker object| dataLayer object| UnbounceSnowplowNamespace function| ubSnowplow function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			start.waldo.fyi/research_lp/	1970-01-20 08:23:04	Name: ubpv Value: a%2C5003cbd5-ae82-440e-beef-2c894a2b1c54
			start.waldo.fyi/	1970-01-20 08:17:18	Name: ubvs Value: 486da800-23ef-47d7-9989-b32572c49278
			.waldo.fyi/	1970-01-20 04:02:26	Name: ubvt Value: 486da800-23ef-47d7-9989-b32572c49278
			.waldo.fyi/	1970-01-20 21:29:18	Name: _ga Value: GA1.2.1270244473.1655886984
			.waldo.fyi/	1970-01-20 03:59:33	Name: _gid Value: GA1.2.2009801920.1655886984
			.waldo.fyi/	1970-01-20 03:58:07	Name: _gat Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.googletagmanager.com/gtm.js?id=%20GTM-PNTWHJZ Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

builder-assets.unbounce.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
start.waldo.fyi
www.google-analytics.com
www.googletagmanager.com
143.204.101.182
143.204.89.45
2600:9000:2156:8800:1d:11cf:5800:93a1
2a00:1450:4001:80b::2003
2a00:1450:4001:811::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
3.126.202.50
3.208.238.83
0a5ccbcfde82540dd50d800f4565fc2e27e9bdd271cf5526bfa445924a11cb9e
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
25003de693aabb38f4bd8c293f4d515420ee4b711763712e76add0778c4b3c6b
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
41e6e658d7a0ac2d5920b575878e44b1a11ddd44240d73700a798515da11085b
4542013c641540ea28b3886d91aa9b2641dcac0d3680aa898d4a0ba4231afd70
64bdfcb0abd313c0a947a3987c8c50f7e594d7282fb3c952109265eafe9593b4
7a80b17346ad96acb74876b1c792e1706cdfdb5e17ce3bc028ee6e832bdfd962
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
832a9f68685073e8318db12a164566b0baedc599bdf72cca29f9a4c188506053
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c621805198fcdf1fd712edb9671483c42459819342e947824b8d21cd49617d2
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92ec3a9b5d9bc2a8fb8abd04f3316261acf0f3f717f05dc63bc095f91eb8b095
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b5ab7172c0d94a3d318c18721d373d45088b2750381f209e8cc042cbf96469
a4be783d27e91707023ecf7cdca73441e0b6ebfa00c4a446fcd9c8ea353e1886
aec83331dda135def59bbdaad81a815bfb0b46e2f96c41af7886322a73c209e1
b0dc857f0259e4e969a66ab301a52d36c92258475fe98fb28a23783273b7a5de
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d19d1df12e748f61075b4d4efa3396577e7a21e924e741e060d02645997d0662
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e15876ba9db6c73c94088a22315b26d5384dc93b6db9966647c2c003e8ca1ab3
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
eea5e230d98e10967645cd286805c194fec3a750c7ec9c3c202307f4297f5123
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39775f1f32e83311ed940e1607da40b095fafa65d2f1929721f1aac301f6f4b
f4f6eb6108318d28f97fb6aa700ad42c8d021f1135ef332efed037eb5cc56a60
fcfd437feb73f0c7109ae8227967e93e639c8f7b740e25bc384e2b2bc01b8f13