emojipedia.org Open in urlscan Pro
2606:4700:10::ac43:1ab6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://emojipedia.org/backhand-index-pointing-right/
Submission: On January 15 via api (January 15th 2022, 2:38:25 am UTC) from CH — Scanned from DE

Summary HTTP 184 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 73 IPs in 10 countries across 68 domains to perform 184 HTTP transactions. The main IP is 2606:4700:10::ac43:1ab6, located in United States and belongs to CLOUDFLARENET, US. The main domain is emojipedia.org. The Cisco Umbrella rank of the primary domain is 54985.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2021. Valid for: a year.

This is the only time emojipedia.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:10:... 2606:4700:10::ac43:1ab6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:231... 2600:9000:2315:3200:f:458e:2a80:93a1	16509 (AMAZON-02) (AMAZON-02)
17	2600:1fa0:c0c... 2600:1fa0:c0c0:2d0:34db:7141::	16509 (AMAZON-02) (AMAZON-02)
1	52.219.120.234 52.219.120.234	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	151.101.129.194 151.101.129.194	54113 (FASTLY) (FASTLY)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
1	54.177.14.228 54.177.14.228	16509 (AMAZON-02) (AMAZON-02)
2	150.136.156.92 150.136.156.92	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.21.142.98 2.21.142.98	16625 (AKAMAI-AS) (AKAMAI-AS)
5	34.255.245.33 34.255.245.33	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 8	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
1	99.81.30.72 99.81.30.72	16509 (AMAZON-02) (AMAZON-02)
1	3.125.147.153 3.125.147.153	16509 (AMAZON-02) (AMAZON-02)
5	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
10	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1	34.197.208.127 34.197.208.127	14618 (AMAZON-AES) (AMAZON-AES)
13	2606:4700:10:... 2606:4700:10::6816:2460	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2.21.111.28 2.21.111.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	3.125.179.199 3.125.179.199	16509 (AMAZON-02) (AMAZON-02)
1	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
5	18.185.195.153 18.185.195.153	16509 (AMAZON-02) (AMAZON-02)
2 4	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
4	2606:4700:20:... 2606:4700:20::ac43:49e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	152.199.22.191 152.199.22.191	15133 (EDGECAST) (EDGECAST)
2 14	2.21.141.232 2.21.141.232	16625 (AKAMAI-AS) (AKAMAI-AS)
2 6	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	67.202.105.24 67.202.105.24	32748 (STEADFAST) (STEADFAST)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
3 6	18.157.225.191 18.157.225.191	16509 (AMAZON-02) (AMAZON-02)
2 2	18.185.153.156 18.185.153.156	16509 (AMAZON-02) (AMAZON-02)
3 5	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	34.102.163.6 34.102.163.6	15169 (GOOGLE) (GOOGLE)
6 9	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a05:d018:d29... 2a05:d018:d29:3602:74fc:7750:9e36:ae36	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
6 6	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
3 4	35.156.69.231 35.156.69.231	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:5400:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	3.65.17.160 3.65.17.160	16509 (AMAZON-02) (AMAZON-02)
1 1	52.20.222.10 52.20.222.10	14618 (AMAZON-AES) (AMAZON-AES)
2 2	188.42.29.196 188.42.29.196	7979 (SERVERS-COM) (SERVERS-COM)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	54.36.109.48 54.36.109.48	16276 (OVH) (OVH)
1	34.247.200.0 34.247.200.0	16509 (AMAZON-02) (AMAZON-02)
2 2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 1	52.86.150.190 52.86.150.190	14618 (AMAZON-AES) (AMAZON-AES)
1	213.19.147.44 213.19.147.44	3356 (LEVEL3) (LEVEL3)
2	2.21.141.175 2.21.141.175	16625 (AKAMAI-AS) (AKAMAI-AS)
1	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
4 4	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	72.251.245.181 72.251.245.181	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	34.243.100.214 34.243.100.214	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
1	54.71.47.92 54.71.47.92	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 4	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
7	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Twelve99)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	198.47.127.20 198.47.127.20	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 3	141.94.170.64 141.94.170.64	16276 (OVH) (OVH)
2 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
2 2	52.30.14.23 52.30.14.23	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:10:... 2606:4700:10::6816:1857	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.122.14.34 159.122.14.34	36351 (SOFTLAYER) (SOFTLAYER)
184	73

7 2606:4700:10::ac43:1ab6 (United States)

ASN13335 (CLOUDFLARENET, US)

emojipedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:3200:f:458e:2a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:1fa0:c0c0:2d0:34db:7141:: (San Jose, United States)

ASN16509 (AMAZON-02, US)

emojipedia-us.s3.dualstack.us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.120.234 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-w.amazonaws.com

emojipedia-us.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.177.14.228 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-177-14-228.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

newor.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.142.98 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-98.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.255.245.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-245-33.eu-west-1.compute.amazonaws.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 37.252.172.38 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.30.72 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-30-72.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.147.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-147-153.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.208.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-208-127.compute-1.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::6816:2460 (United States)

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

the-eighth-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.21.111.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-111-28.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.179.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-179-199.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.185.195.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-195-153.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.9 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)

rtb.adpone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

23607e767bfd81b0afb8975378da577f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.191 (United States)

ASN15133 (EDGECAST, US)

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.21.141.232 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-232.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.157.225.191 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-225-191.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.153.156 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-153-156.eu-central-1.compute.amazonaws.com

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.71.131.137 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.163.6 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com

ad.mrtnsvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.184.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:74fc:7750:9e36:ae36 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.126.56.137 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.69.231 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-69-231.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:5400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.65.17.160 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-17-160.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.222.10 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-222-10.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.29.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.48 (France)

ASN16276 (OVH, FR)
PTR: p03.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.200.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-200-0.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.150.190 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-150-190.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.21.141.175 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-175.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.132.241 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.181 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.243.100.214 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-100-214.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.71.47.92 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-47-92.us-west-2.compute.amazonaws.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.142 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Uppsala, Sweden) 2 redirects

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.94.170.64 (France) 3 redirects

ASN16276 (OVH, FR)
PTR: pikafka-7.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loada.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.14.23 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-14-23.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:1857 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	amazonaws.com emojipedia-us.s3.dualstack.us-west-1.amazonaws.com — Cisco Umbrella Rank: 55748 emojipedia-us.s3.amazonaws.com — Cisco Umbrella Rank: 101672	127 KB
14	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 169	147 KB
13	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 437 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	19 KB
13	quantumdex.io useast.quantumdex.io — Cisco Umbrella Rank: 9457 sync.quantumdex.io — Cisco Umbrella Rank: 2854	2 KB
12	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 446 image6.pubmatic.com — Cisco Umbrella Rank: 531 simage2.pubmatic.com — Cisco Umbrella Rank: 481 image2.pubmatic.com — Cisco Umbrella Rank: 862 image4.pubmatic.com — Cisco Umbrella Rank: 741	26 KB
10	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 888	4 KB
10	adnxs.com 5 redirects ib.adnxs.com — Cisco Umbrella Rank: 210 acdn.adnxs.com — Cisco Umbrella Rank: 534 secure.adnxs.com — Cisco Umbrella Rank: 351	24 KB
8	yahoo.com 7 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 404 ups.analytics.yahoo.com — Cisco Umbrella Rank: 249	3 KB
8	googlesyndication.com 23607e767bfd81b0afb8975378da577f.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94 tpc.googlesyndication.com — Cisco Umbrella Rank: 127	38 KB
8	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 272 s.amazon-adsystem.com — Cisco Umbrella Rank: 263	42 KB
7	bidswitch.net 3 redirects grid.bidswitch.net — Cisco Umbrella Rank: 1129 x.bidswitch.net — Cisco Umbrella Rank: 254	2 KB
7	3lift.com 2 redirects tlx.3lift.com — Cisco Umbrella Rank: 569 eb2.3lift.com — Cisco Umbrella Rank: 355	5 KB
7	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 444	122 KB
7	emojipedia.org emojipedia.org — Cisco Umbrella Rank: 54985	64 KB
6	sharethrough.com 1 redirects btlr.sharethrough.com — Cisco Umbrella Rank: 1222 match.sharethrough.com — Cisco Umbrella Rank: 555	803 B
6	33across.com ssc.33across.com — Cisco Umbrella Rank: 1506 ssc-cms.33across.com — Cisco Umbrella Rank: 826	943 B
6	smaato.net prebid.ad.smaato.net — Cisco Umbrella Rank: 3894 s.ad.smaato.net — Cisco Umbrella Rank: 671	2 KB
5	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	2 KB
4	adform.net 3 redirects dmp.adform.net — Cisco Umbrella Rank: 1949 c1.adform.net — Cisco Umbrella Rank: 524	2 KB
4	mathtag.com 4 redirects sync.mathtag.com — Cisco Umbrella Rank: 372	2 KB
4	advertising.com 3 redirects pixel.advertising.com — Cisco Umbrella Rank: 293	1 KB
4	adpone.com rtb.adpone.com — Cisco Umbrella Rank: 14438	3 KB
4	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 609	7 KB
3	onaudience.com 3 redirects pixel.onaudience.com — Cisco Umbrella Rank: 1264	1 KB
3	4dex.io script.4dex.io — Cisco Umbrella Rank: 2396 mp.4dex.io — Cisco Umbrella Rank: 2376	24 KB
3	technoratimedia.com newor.technoratimedia.com — Cisco Umbrella Rank: 35934 ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 3937	7 KB
2	zeotap.com 1 redirects spl.zeotap.com — Cisco Umbrella Rank: 1092 mwzeom.zeotap.com — Cisco Umbrella Rank: 1443	900 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 641	1 KB
2	exelator.com 2 redirects loada.exelator.com — Cisco Umbrella Rank: 18753	2 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4740	637 B
2	rubiconproject.com pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2071 pixel.rubiconproject.com — Cisco Umbrella Rank: 270	478 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 491	644 B
2	quantserve.com 2 redirects pixel.quantserve.com — Cisco Umbrella Rank: 380	1023 B
2	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 832	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1471	1 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com — Cisco Umbrella Rank: 1984	1 KB
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 586	2 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 69 www.google.com — Cisco Umbrella Rank: 8	2 KB
2	openx.net the-eighth-d.openx.net — Cisco Umbrella Rank: 48410 u.openx.net — Cisco Umbrella Rank: 639	469 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
2	gstatic.com 1 redirects ssl.gstatic.com	6 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net — Cisco Umbrella Rank: 1481	72 KB
2	thisiswaldo.com cdn.thisiswaldo.com — Cisco Umbrella Rank: 35796 thisiswaldo.com — Cisco Umbrella Rank: 31419	113 KB
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 631	610 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 574	362 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 656
1	smartadserver.com ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1793	75 B
1	brand-display.com dmp.brand-display.com — Cisco Umbrella Rank: 1461	261 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 606	777 B
1	adroll.com 1 redirects d.adroll.com — Cisco Umbrella Rank: 1320	112 B
1	adgrx.com cm.adgrx.com — Cisco Umbrella Rank: 1205	408 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 649	425 B
1	unrulymedia.com usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 2833
1	extend.tv 1 redirects sync.extend.tv — Cisco Umbrella Rank: 1445	546 B
1	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 184
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 545	1009 B
1	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 6954	289 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 533	301 B
1	bing.com c.bing.com — Cisco Umbrella Rank: 239	592 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 433	704 B
1	mrtnsvr.com 1 redirects ad.mrtnsvr.com — Cisco Umbrella Rank: 1683	248 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 8579	792 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1027	346 B
1	postrelease.com exchange.postrelease.com — Cisco Umbrella Rank: 4841	392 B
1	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 634	224 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1125	247 B
1	ipfind.co ipfind.co — Cisco Umbrella Rank: 40264	466 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 698	398 B
184	68

	Domain	Requested by
17	emojipedia-us.s3.dualstack.us-west-1.amazonaws.com	emojipedia.org
12	sync.quantumdex.io	cdn.thisiswaldo.com sync.quantumdex.io ssum-sec.casalemedia.com onetag-sys.com ads.pubmatic.com
10	onetag-sys.com	cdn.thisiswaldo.com sync.quantumdex.io onetag-sys.com
9	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
9	cm.g.doubleclick.net	6 redirects eb2.3lift.com ssum-sec.casalemedia.com
8	ib.adnxs.com	5 redirects cdn.thisiswaldo.com acdn.adnxs.com
7	cdn.cookielaw.org	emojipedia.org cdn.cookielaw.org
7	emojipedia.org	emojipedia.org
6	ups.analytics.yahoo.com	6 redirects
6	x.bidswitch.net	3 redirects eb2.3lift.com onetag-sys.com
6	eb2.3lift.com	2 redirects cdn.thisiswaldo.com eb2.3lift.com
5	match.adsrvr.org	3 redirects eb2.3lift.com ssum-sec.casalemedia.com
5	btlr.sharethrough.com	cdn.thisiswaldo.com
5	ssc.33across.com	cdn.thisiswaldo.com
5	prebid.ad.smaato.net	cdn.thisiswaldo.com
4	image2.pubmatic.com	ads.pubmatic.com
4	sync.mathtag.com	4 redirects
4	pixel.advertising.com	3 redirects onetag-sys.com
4	s.amazon-adsystem.com	2 redirects eb2.3lift.com ssum-sec.casalemedia.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	rtb.adpone.com	cdn.thisiswaldo.com
4	ap.lijit.com	2 redirects cdn.thisiswaldo.com
4	c.amazon-adsystem.com	emojipedia.org c.amazon-adsystem.com
4	securepubads.g.doubleclick.net	cdn.thisiswaldo.com securepubads.g.doubleclick.net
3	pixel.onaudience.com	3 redirects
3	simage2.pubmatic.com	ads.pubmatic.com
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com sync.quantumdex.io
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
2	sync.crwdcntrl.net	2 redirects
2	loada.exelator.com	2 redirects
2	image4.pubmatic.com	ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	c1.adform.net	1 redirects ads.pubmatic.com
2	dmp.adform.net	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	ads.pubmatic.com	sync.quantumdex.io ads.pubmatic.com
2	pixel.quantserve.com	2 redirects
2	sync.go.sonobi.com	sync.quantumdex.io
2	ads.betweendigital.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
2	a.sportradarserving.com	2 redirects
2	js-sec.indexww.com	cdn.thisiswaldo.com ssum-sec.casalemedia.com
2	script.4dex.io	cdn.thisiswaldo.com script.4dex.io
2	www.google-analytics.com	emojipedia.org www.google-analytics.com
2	ssl.gstatic.com	1 redirects emojipedia.org
2	newor.technoratimedia.com	cdn.thisiswaldo.com
2	confiant-integrations.global.ssl.fastly.net	cdn.thisiswaldo.com confiant-integrations.global.ssl.fastly.net
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	id.rlcdn.com	onetag-sys.com
1	ssbsync-global.smartadserver.com	onetag-sys.com
1	pixel.rubiconproject.com	onetag-sys.com
1	pixel-eu.rubiconproject.com	onetag-sys.com
1	dmp.brand-display.com	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	d.adroll.com	1 redirects
1	cm.adgrx.com	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	usermatch.targeting.unrulymedia.com	sync.quantumdex.io
1	sync.extend.tv	1 redirects
1	dpm.demdex.net	ssum-sec.casalemedia.com
1	id5-sync.com	sync.quantumdex.io
1	ssp.disqus.com	1 redirects
1	match.sharethrough.com	1 redirects
1	s.ad.smaato.net	sync.quantumdex.io
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	px.ads.linkedin.com	eb2.3lift.com
1	ad.mrtnsvr.com	1 redirects
1	acdn.adnxs.com	cdn.thisiswaldo.com
1	ssc-cms.33across.com	cdn.thisiswaldo.com
1	u.openx.net	cdn.thisiswaldo.com
1	ad-cdn.technoratimedia.com	cdn.thisiswaldo.com
1	www.google.com	tpc.googlesyndication.com
1	23607e767bfd81b0afb8975378da577f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	thisiswaldo.com	cdn.thisiswaldo.com
1	prebid.a-mo.net	cdn.thisiswaldo.com
1	grid.bidswitch.net	cdn.thisiswaldo.com
1	htlb.casalemedia.com	cdn.thisiswaldo.com
1	the-eighth-d.openx.net	cdn.thisiswaldo.com
1	useast.quantumdex.io	cdn.thisiswaldo.com
1	exchange.postrelease.com	cdn.thisiswaldo.com
1	tlx.3lift.com	cdn.thisiswaldo.com
1	ads.yieldmo.com	cdn.thisiswaldo.com
1	mp.4dex.io	cdn.thisiswaldo.com
1	a.teads.tv	cdn.thisiswaldo.com
1	ipfind.co	cdn.thisiswaldo.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	emojipedia-us.s3.amazonaws.com	emojipedia.org
1	cdn.thisiswaldo.com	emojipedia.org
184	97

This site contains links to these domains. Also see Links.

Domain
instagram.com
twitter.com
en.wikipedia.org
www.yelp.com
www.youtube.com
trends.google.com
nomadlist.com
www.unicode.org
blog.emojipedia.org
unicode.org
www.zedge.net
www.facebook.com
www.instagram.com
tiktok.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2021-04-17` - `2022-05-19`	a year	crt.sh
*.s3-us-west-1.amazonaws.com Amazon	`2021-03-26` - `2022-03-25`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-03-22` - `2022-03-03`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
ipfind.co Amazon	`2022-01-03` - `2023-02-01`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-17` - `2022-10-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
teads.tv R3	`2022-01-03` - `2022-04-03`	3 months	crt.sh
smaato.net Sectigo ECC Organization Validation Secure Server CA	`2020-07-28` - `2022-10-04`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2021-11-26` - `2022-02-24`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.postrelease.com Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.a-mo.net R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2021-09-25` - `2022-10-27`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2021-12-06` - `2022-06-06`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2021-12-22` - `2022-06-22`	6 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.knorex.com Amazon	`2021-08-26` - `2022-09-24`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://emojipedia.org/backhand-index-pointing-right/
Frame ID: 577095FA7F749B26563777423BAC51A6
Requests: 93 HTTP requests in this frame

Frame: https://23607e767bfd81b0afb8975378da577f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 85FD86F418513E5A72DBABE3B77689F2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4C61601D02FDBB5F2FFEB0AA0F3FC5E3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F0E2EA8943DBCA6FDADFDF0824819A6F
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: FDC37F93D17C39C93A033F3FBE54323D
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1642214299921
Frame ID: E4F1E4CB1B3B103E73CCA56CD86209BA
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.0
Frame ID: 8D3DA4760948B376A7614D0848BAC64D
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 923563D8680B0797AEBDB2973B42FE70
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=12352498
Frame ID: CA464D91A6BC2C134B1AB764BE7E37CE
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 410D9D0AE487DF07184691171DEE630C
Requests: 11 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: A4592B4447C63A058A93669F5C2F08DF
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dVQ06ADzGr6yooaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 6552EBCB374084FED83E48558F9A19BE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7C9A7F013C01F6C9659F3569F5B9BEB6
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: F446DA949719C0066F808EA035891BB7
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: FE0111CEB99B96DEB39A0BB2D7290984
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: C227A42F68647A34A2625010A44EF45E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 279A68E9ECEB2D10ABACBDC39020F2AF
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 3CA9FFA2EEF40AE3426857C42239AACA
Requests: 14 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: AF09361A808E4B387A1EA75E2F1482C3
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=623B2424-441C-4783-8A06-14AC0A1B9166
Frame ID: A57935E5E3CADA9D10212A9E5423F238
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e0161e2-339f-4200-959a-be623bef92d0&gdpr=0&gdpr_consent=
Frame ID: D5386A0F4C5E376E3989077555797E7D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3661663114190975033
Frame ID: 1B745CCE054690D57E33E30D606065F0
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 901175839A08822C70E2334063A5C497
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=623B2424-441C-4783-8A06-14AC0A1B9166
Frame ID: FC12CED76808FE53A2FB74692B738F03
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

👉 White Right Pointing Backhand Index EmojiBack ButtonSearch IconFilter Icon

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

184
Requests

77 %
HTTPS

28 %
IPv6

68
Domains

97
Subdomains

73
IPs

10
Countries

880 kB
Transfer

2491 kB
Size

93
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://instagram.com/explore/tags/%F0%9F%91%89/
Title: 👉 on Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/search?q=%F0%9F%91%89
Title: 👉 on Twitter

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/%F0%9F%91%89
Title: 👉 on Wikipedia

Search URL Search Domain Scan URL

URL: http://www.yelp.com/search?find_desc=%F0%9F%91%89
Title: 👉 on Yelp

Search URL Search Domain Scan URL

URL: https://www.youtube.com/results?search_query=%F0%9F%91%89
Title: 👉 on YouTube

Search URL Search Domain Scan URL

URL: https://trends.google.com/trends/explore?q=%F0%9F%91%89
Title: 👉 on Google Trends

Search URL Search Domain Scan URL

URL: https://nomadlist.com/search/%F0%9F%91%89
Title: 👉 on Nomad List

Search URL Search Domain Scan URL

URL: https://www.unicode.org/cgi-bin/GetDocumentLink?L2/07-257
Title: L2/07-257

Search URL Search Domain Scan URL

URL: https://www.unicode.org/cgi-bin/GetDocumentLink?L2/09-026
Title: L2/09-026

Search URL Search Domain Scan URL

URL: https://blog.emojipedia.org/keith-broni-is-emojipedias-new-editor-in-chief/
Title: 👀 Keith Broni is Emojipedia's New Editor in Chief

Search URL Search Domain Scan URL

URL: https://blog.emojipedia.org/top-emoji-trends-of-2021/
Title: 📈 Top Emoji Trends of 2021

Search URL Search Domain Scan URL

URL: https://blog.emojipedia.org/holiday-emojis-are-coming/
Title: 🎄 Holiday Emojis Are Coming

Search URL Search Domain Scan URL

URL: https://blog.emojipedia.org/new-couple-emojis-come-to-whatsapp/
Title: 💑 New Couple Emojis Come To WhatsApp

Search URL Search Domain Scan URL

URL: https://blog.emojipedia.org/windows-11-november-2021-emoji-changelog/
Title: 🪟 Windows 11 November 2021 Emoji Changelog

Search URL Search Domain Scan URL

URL: https://blog.emojipedia.org/samsung-one-ui-4-0-emoji-changelog/
Title: 🦃 Thanksgiving Emojis Get Gobbled Up

Search URL Search Domain Scan URL

URL: https://blog.emojipedia.org/google-emoji-14-0-changelog/
Title: 🤖 Google Emoji 14.0 Changelog

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Unicode_Standard
Title: Unicode Standard

Search URL Search Domain Scan URL

URL: http://unicode.org/consortium/members.html
Title: voting member of the Unicode Consortium

Search URL Search Domain Scan URL

URL: https://www.zedge.net/
Title: Zedge, Inc

Search URL Search Domain Scan URL

URL: https://twitter.com/emojipedia
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Emojipedia/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/emojipedia/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://tiktok.com/@emojipediaofficial
Title: TikTok

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://ssl.gstatic.com/trends_nrtr/1015_RC10/embed_loader.js HTTP 301
https://ssl.gstatic.com/trends_nrtr/2790_RC04/embed_loader.js

Request Chain 102

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 106

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cad80f15-8c8e-4849-a6a9-874ed4851e1f&ssp=themediagrid

Request Chain 109

https://ad.mrtnsvr.com/sync/triplelift HTTP 302
https://eb2.3lift.com/xuidmid=7976&xuid=Vm56ls2fp&dongle=u6nf

Request Chain 111

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTczNjM4NjQxMTEwNjE0NzAwMDc%3D

Request Chain 113

https://pr-bh.ybp.yahoo.com/sync/triplelift/17363864111061470007?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-nwxYpCpE2oT1wMTKy1CuZ9Br6pzsADZ5tdV7ZywY3Q--~A&dongle=0883

Request Chain 116

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=17363864111061470007 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=17363864111061470007&dcc=t

Request Chain 117

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 118

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 119

https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 120

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4e9d420dc3111273db574360

Request Chain 121

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ULovr29E2uFIh2PmMwIJ9HIPbEVLa_ZGmPaPQls-~A

Request Chain 122

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP35bd0f4a-75ac-11ec-8cb4-029c5bbfc4f2 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP35bd0f4a-75ac-11ec-8cb4-029c5bbfc4f2

Request Chain 124

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7589303835506956694

Request Chain 125

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1d938a97-8d3d-4f45-ae7e-8d46a677a3b8

Request Chain 126

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7589303835506956694

Request Chain 127

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=644887bc-4965-ae6d-2978-da7b557accee

Request Chain 128

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=58e52350-9bef-510f-96a4-e080f746d31f

Request Chain 132

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YeIzn-0FNBixR98UV2WfgQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFv6-34EY1ijsQ39Q9aoJM8&google_cver=1&gdpr=1

Request Chain 134

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeIzn_0FNBixR98UV2WfgQAABIsAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeIzn_0FNBixR98UV2WfgQAABIsAAAIB&dcc=t

Request Chain 137

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=rVcfHKhVQ0i2BEIWogdXGPlWSEq2B0Ic_lCSQRoo

Request Chain 138

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0dd94066-9d92-43ca-b3d5-41c7855ca3d6

Request Chain 146

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7325801860547639174

Request Chain 147

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2e0161e2-339f-4200-959a-be623bef92d0&gdpr=1&gdpr_consent=

Request Chain 148

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YeIznwAFlYt2TwBK HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YeIznwAFlYt2TwBK&gdpr=1&_test=YeIznwAFlYt2TwBK

Request Chain 150

https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

Request Chain 151

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433822365527344

Request Chain 154

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D HTTP 302
https://onetag-sys.com/sync/i,1/6f3f61e2-339f-4c00-bb90-ed58996fd3d3

Request Chain 156

https://dmp.adform.net/serving/cookie/match?party=1167&cid=sB8cepWYaDTse_T8MLJRxCxnD-TTDaY4P73Dn8PrkBs HTTP 302
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=sB8cepWYaDTse_T8MLJRxCxnD-TTDaY4P73Dn8PrkBs HTTP 302
https://onetag-sys.com/sync/i,34/5271659981496431387

Request Chain 157

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7589303835506956694

Request Chain 159

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN7XGlsHgRBg4f22fkKjIPU&google_cver=1

Request Chain 163

https://ups.analytics.yahoo.com/ups/58488/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58488/occ?verify=true HTTP 302
https://onetag-sys.com/match/?int_id=92&uid=y-PBk5_vVE2uFX3gRe97rxAYnoGE.oo6jAXcsXeoo-~A

Request Chain 164

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
https://onetag-sys.com/sync/i,29/?tdid=e19ead9c-51c9-40a0-8326-916eac8ad682&ttl=1644806303

Request Chain 165

https://x.bidswitch.net/sync?ssp=onetag HTTP 302
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=1&user_id=CBMmhw0RetMTQCKHXBNu1AZGddMTE3SHDheSGUSo

Request Chain 169

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e0161e2-339f-4200-959a-be623bef92d0&gdpr=0&gdpr_consent=

Request Chain 170

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3661663114190975033

Request Chain 173

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YjskJEQcR4OKBhSsChuRZg%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 174

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2e0161e2-339f-4200-959a-be623bef92d0

Request Chain 175

https://pixel.onaudience.com/?partner=214&mapped=623B2424-441C-4783-8A06-14AC0A1B9166 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9ae2941deb696dda30798f36d57db8b7 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=7cfb4892333300d74395826a559fff72 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=3445295ea6a7fc73 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8b784641-973d-4522-77e1-bd0eafa6b659&reqId=6e07a93d-9868-4c16-78a9-54c8d976c2ee&zcluid=3445295ea6a7fc73&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEAsAqjmDSvIn0VyLwz6eC80&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8b784641-973d-4522-77e1-bd0eafa6b659&reqId=6e07a93d-9868-4c16-78a9-54c8d976c2ee&zcluid=3445295ea6a7fc73&zdid=1332

Request Chain 176

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjIzQjI0MjQtNDQxQy00NzgzLThBMDYtMTRBQzBBMUI5MTY2&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKR_E2tpa1Fk-k53QwL0kKo&google_cver=1

Request Chain 179

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5271659981496431387

Request Chain 180

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e19ead9c-51c9-40a0-8326-916eac8ad682

Request Chain 181

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7589303835506956694&gdpr=0&gdpr_consent=

Request Chain 182

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=623B2424-441C-4783-8A06-14AC0A1B9166&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NUSHh51E2uVP7N80gy_l8RVhNhYIFwU-~A&gdpr=0&gdpr_consent=

184 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
emojipedia.org/backhand-index-pointing-right/ 83 KB
10 KB 424ms
397ms Document
text/html 2606:4700:10::ac43:1ab6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://emojipedia.org/backhand-index-pointing-right/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1ab6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

801695c140c57d7157ad394766e8692061624714d9c061e6c9144d6e252552f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff nosniff
referrer-policy: same-origin
x-frame-options: DENY
expires: Sat, 15 Jan 2022 06:38:07 GMT
cache-control: max-age=14400
strict-transport-security: max-age=86400
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6cdbba29da904e19-FRA
content-encoding: gzip

GET
H2 200 emojipedia.0a1b040a6e2c.css
emojipedia.org/static/css/ 16 KB
4 KB 14ms
13ms Stylesheet
text/css 2606:4700:10::ac43:1ab6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://emojipedia.org/static/css/emojipedia.0a1b040a6e2c.css

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1ab6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22fefcdc1585b1fa076041752fe78cbe64544459605751b61c8d1e55e6c977a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/backhand-index-pointing-right/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 58702
cf-polished: origSize=16926
strict-transport-security: max-age=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jan 2022 10:19:10 GMT
server: cloudflare
etag: W/"61dffc9e-421e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=345600
cf-ray: 6cdbba2c6d574e19-FRA
expires: Sat, 15 Jan 2022 10:19:57 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 32ms
13ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dMq6iJthjOyg56NOUFVpHQ==
age: 8236
vary: Accept-Encoding
content-length: 6508
x-ms-lease-status: unlocked
last-modified: Mon, 10 Jan 2022 12:53:10 GMT
server: cloudflare
etag: 0x8D9D43827C9A0F5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 2cce3451-501e-0105-4130-066acc000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cdbba2c886b4a55-FRA

GET
H2 200 10175.js Show response
cdn.thisiswaldo.com/static/js/ 405 KB
113 KB 96ms
9ms Script
application/javascript 2600:9000:2315:3200:f:458e:2a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/10175.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:3200:f:458e:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

b1e1bfc711f45cd7ddc6257755de3ae44807f7f6ec28066c89f748a0437a3e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 14:13:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Jan 2022 14:13:37 GMT
server: Apache/2.4.29 (Ubuntu)
age: 44676
etag: "654c3-5d58b68b506a8-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: mJ_RBQF1m_Dhge-CUL-N6xUfbsWhwhQQk3M-S9tCmmzGOmF55Ju5wg==

GET
H/1.1 200
OK backhand-index-pointing-right_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/285/ 8 KB
8 KB 743ms
174ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/285/backhand-index-pointing-right_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 83a63cc281d1e788f5dd873dff6ac40d3d2f4c32b1391fcf77d26114b0fcb4d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Thu, 29 Apr 2021 00:04:28 GMT
Server: AmazonS3
x-amz-request-id: C1KZQSAAQG4C1ENF
ETag: "f5689f94637cc3118b4a72bc13eadf95"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 8022
x-amz-id-2: 1t2/IJHIwpn+ksHL+Fm/vVsVSQ8MDhKcslOiH+pZ1nGKrzDpgjcn/OA6lsz17B8Wpyi4g2LRIwc=

GET
H2 200 lazy.svg
emojipedia.org/static/img/ 716 B
408 B 12ms
11ms Image
image/svg+xml 2606:4700:10::ac43:1ab6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emojipedia.org/static/img/lazy.svg

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1ab6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47c9fb3880fe502e58e3bc54c9f449be5c4a578bcffe20771b8f1c410c17791b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/backhand-index-pointing-right/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 64747
strict-transport-security: max-age=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 13 Jan 2022 10:19:03 GMT
server: cloudflare
etag: W/"61dffc97-2cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=345600
cf-ray: 6cdbba2d2e2b4e19-FRA
expires: Sat, 15 Jan 2022 08:39:12 GMT

GET
H/1.1 200
OK backhand-index-pointing-right_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/google/313/ 4 KB
4 KB 717ms
188ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/google/313/backhand-index-pointing-right_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 325e93a022541e83ec793d8284aec494e1c23f0f766c20ee4f33966a202a0e40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Mon, 01 Nov 2021 23:18:19 GMT
Server: AmazonS3
x-amz-request-id: C1KR6B1CY54YWJB2
ETag: "75fec9d4eaf468b11ad3740b9dd5a618"
Content-Type: image/png
x-amz-version-id: cw4ee0CQBSVQfkj0q480akjkjZHECi7I
Accept-Ranges: bytes
Content-Length: 3794
x-amz-id-2: /iWRzDXst7VA0c6lEEYBH5vAdby2VCDWrjonIL0wxPRc2xfCb8nPGBWcxwvlnE+jGngSY1sXsFE=

GET
H/1.1 200
OK backhand-index-pointing-right_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/samsung/312/ 4 KB
4 KB 758ms
195ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/samsung/312/backhand-index-pointing-right_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5e18ad905f8dcd4d03171050ed92b641e7c871d25cf6ebe94167f91df2a707b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Mon, 18 Oct 2021 12:00:25 GMT
Server: AmazonS3
x-amz-request-id: C1KSG9B782MR5K98
ETag: "6e3e7eb3fa3c2a18f71222a98842e621"
Content-Type: image/png
x-amz-version-id: NNdMI1yl98qvK4zgy91Rgwxjjs0CxBKx
Accept-Ranges: bytes
Content-Length: 3741
x-amz-id-2: HXnfaWKKQ+CUkYuwIlJUyjnPJ7pzbBkGZIu2SIe8vko2XY3dSV52U9Pr6Kcz75ZwyBkV/UvvZFg=

GET
H/1.1 200
OK backhand-index-pointing-right_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/microsoft/310/ 2 KB
3 KB 770ms
206ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/microsoft/310/backhand-index-pointing-right_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f39691f3994c6515400636d499f8a3909ea33ffb7875fd13b011c1a8521e3737

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Wed, 24 Nov 2021 22:16:53 GMT
Server: AmazonS3
x-amz-request-id: C1KRQJ9E0Y8SQT4T
ETag: "7775f2e03d754348b4d722e0e88bae3f"
Content-Type: image/png
x-amz-version-id: QjTq_nrj92NZj22JnTUtCibypTlPhBFW
Accept-Ranges: bytes
Content-Length: 2503
x-amz-id-2: 0snquVvyOiWKdc1YU1HFmIkFe19gXh3a2Toznmpq7uSPtp0TgowigMrqtC7puJeHepnNTV3Cn+o=

GET
H/1.1 200
OK backhand-index-pointing-right_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/whatsapp/314/ 8 KB
8 KB 767ms
195ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/whatsapp/314/backhand-index-pointing-right_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 688b0ad18d64e05d6b09b3f9bac1166c22fc394141a0ab8352de8a9893b533df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Thu, 18 Nov 2021 19:38:30 GMT
Server: AmazonS3
x-amz-request-id: C1KQXS2HZG4CKZ7Q
ETag: "45b74bf2a9a8293a3ece5f19edecd47c"
Content-Type: image/png
x-amz-version-id: MCiwZjhl9QosVQlHJeXewbpj9dtZZbGW
Accept-Ranges: bytes
Content-Length: 8270
x-amz-id-2: UwLgcfcnKXpXtGZOjskCgmcAw2J0hEZx4kUA+PuhpPFgmdAToHa0K8VIqezN4MdcuLB9FaX1fQY=

GET
H/1.1 200
OK backhand-index-pointing-right_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/twitter/282/ 2 KB
3 KB 799ms
197ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/twitter/282/backhand-index-pointing-right_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f4c90a5798e388cf607fe37dce452b5b2baae16caed68e4c00b7f7c95aa249a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Wed, 24 Mar 2021 03:58:53 GMT
Server: AmazonS3
x-amz-request-id: C1KXESB5M1T0S3ZX
ETag: "698432124177cb38e42146231c184442"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 2255
x-amz-id-2: rhksPcHVE2TURn8YKAOYn2YJLG0EF3NC5ScNELQSa5kCorC9Uueee8Rx544B3kRsT2AImw0WWEo=

GET
H/1.1 200
OK backhand-index-pointing-right_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/facebook/304/ 8 KB
8 KB 172ms
171ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/facebook/304/backhand-index-pointing-right_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68014a1c1623e2b1551ad8f1e9f0e16d18f0ed699cb9e88ee84e09ce01e462ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Thu, 19 Aug 2021 20:55:06 GMT
Server: AmazonS3
x-amz-request-id: C1KMYBVAR5VFQBY9
ETag: "28fd3f147f21d25924433e3c7b137dde"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 8223
x-amz-id-2: NyDCaolGPWaPZr7dJxlOvfx3Px6+GA3HLnRhEEUt6PPYbffTd0BLkAgiMSpocmmewDDJhxQJ2WI=

GET
H/1.1 200
OK backhand-index-pointing-right_1f449.png
emojipedia-us.s3.amazonaws.com/source/skype/289/ 47 KB
48 KB 683ms
170ms Image
image/png 52.219.120.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.amazonaws.com/source/skype/289/backhand-index-pointing-right_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.120.234 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 095348f52f145f7771f768f006e3a1a5e89ca3b98e30c7f8c91f5df141063641

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Tue, 22 Jun 2021 11:27:48 GMT
Server: AmazonS3
x-amz-request-id: C1KV5S8GTEZ1G6R5
ETag: "aae5b89824acda7c7788cbd22fe9bbb9"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 48266
x-amz-id-2: 9fT76oc6CNshxhRvzNDR9EsqXLMrxScBFgiOMI7bJUX5Uu3j4Y/J1Kl09bjzgoUGENJZG/VCOqI=

GET
H/1.1 200
OK backhand-index-pointing-right_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/joypixels/291/ 4 KB
4 KB 175ms
175ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/joypixels/291/backhand-index-pointing-right_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 923f4bd70d475e87427975096029849b94ba515f491b4370735e158f2aa00420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Thu, 24 Jun 2021 19:56:03 GMT
Server: AmazonS3
x-amz-request-id: C1KQ9ANGF2F9MP8G
ETag: "e9d5dfd9c8e54aefb405d10ac1c93ab9"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 3673
x-amz-id-2: BbgKDVTH1yczh3zPlcqhkgsnNRhwizlLD3nw5p1zJm4Sl6E2kzOosAh2fB6MeiEyS6njrqAC378=

GET
H/1.1 200
OK backhand-index-pointing-right_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/openmoji/292/ 3 KB
3 KB 182ms
182ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/openmoji/292/backhand-index-pointing-right_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 28efc433661d51d4f973df1b91924979406272f84e3b0581622e92554ebdcaec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Tue, 29 Jun 2021 20:55:38 GMT
Server: AmazonS3
x-amz-request-id: C1KJ52B7YMFENQRQ
ETag: "c426fbc4f8f08df60a6e04df46805ce2"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 3095
x-amz-id-2: ouNpxd3keE0nGB9ePMSE0reG9xvFA4/R/ZUsFaaAGCSzO3kkW3fP9mlTJq2ue3b/lH9M8gBU66U=

GET
H/1.1 200
OK white-right-pointing-backhand-index_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/emojidex/112/ 5 KB
6 KB 192ms
191ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/emojidex/112/white-right-pointing-backhand-index_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3f10a3c3401224c7ed410dbf0e92c385aee3f360525461c29ffcb8ce7fffdcc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Mon, 21 Aug 2017 17:03:12 GMT
Server: AmazonS3
x-amz-request-id: C1KJE9X9F2DN2MXA
ETag: "be91ae61ae18645e7268c2d92033ffee"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 5408
x-amz-id-2: 4aRLO4wHGekDE7QAnUc4B2Yt2YSotyAYSH/MSU2S2AozYv2kBFAQc0bJNNkYCY/ov7MmevbAGoE=

GET
H/1.1 200
OK white-right-pointing-backhand-index_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/facebook/65/ 4 KB
4 KB 210ms
210ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/facebook/65/white-right-pointing-backhand-index_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1752034e1626adeddcc057533ad544b70986d0e6a4026800c2750295f03e8c6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Wed, 21 Jun 2017 13:45:47 GMT
Server: AmazonS3
x-amz-request-id: C1KJ6N6DE55P9QMP
ETag: "02a879bc2b9d031a10789ed0c9246200"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 4027
x-amz-id-2: iZayorAHONAjqP0R14LPUkgZgw9NqHD/dAODia4lSrTqxZdS0WbtRpgpwiyrznGEqCrKetV44E4=

GET
H/1.1 200
OK backhand-index-pointing-right_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/lg/307/ 7 KB
8 KB 212ms
212ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/lg/307/backhand-index-pointing-right_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 60372e557941b673aee67fdf47ea1cc3d8ec1c9cd9f96173a97c9aeed5d00ebb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Tue, 31 Aug 2021 23:04:20 GMT
Server: AmazonS3
x-amz-request-id: C1KZXY6D2FJ9AQR4
ETag: "44248c168c13d1d20aba91cab11441af"
Content-Type: image/png
x-amz-version-id: 7G5RER3RbUfKE6XpV1R5dPKHoovrjifV
Accept-Ranges: bytes
Content-Length: 7368
x-amz-id-2: C+BBOWkCG97XiATzj9miIsPMTirqHakkjqMiuA1vtwt9qYIduAGj25n5v5dHuSY8UvV8XgoZpC8=

GET
H/1.1 200
OK white-right-pointing-backhand-index_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/htc/37/ 3 KB
3 KB 171ms
171ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/htc/37/white-right-pointing-backhand-index_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ed53066ca654aef9763219cc030f9f84d8573ff87ad6c8ce6a954643a9d0856a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Wed, 21 Jun 2017 14:02:21 GMT
Server: AmazonS3
x-amz-request-id: C1KT45SGJBKKRJMJ
ETag: "5c1772746562dc2aab3f3a02dbc0e8c3"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 2907
x-amz-id-2: mlrqU4yJ3qDMJjOHgJw46Pfr1wyB2WkOitZ3D7Xlj9PbNYMQEt21eYixr12G5PCMoPstjOB8xeA=

GET
H/1.1 200
OK white-right-pointing-backhand-index_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/mozilla/36/ 1 KB
2 KB 190ms
190ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/mozilla/36/white-right-pointing-backhand-index_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 590ebdb6f469a4d25cf8bbf82eaa3f37d7b458e70598655f9c1ca6e2552d0ea5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Wed, 21 Jun 2017 14:15:36 GMT
Server: AmazonS3
x-amz-request-id: C1KKJXSKY3X2M01Z
ETag: "06b7341ecd88a505cd00a66ed2efff7d"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 1227
x-amz-id-2: XFsUMJ0r4ECdc23jEucb7EY0BqbAt0Ux2YUjKpMQAIsD6zwa3JIE9kEuxELp5oiD8/gBAp89mV0=

GET
H/1.1 200
OK white-right-pointing-backhand-index_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/softbank/145/ 5 KB
6 KB 183ms
183ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/softbank/145/white-right-pointing-backhand-index_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bd64fe7611c46b87ed049df5236eb8bfe901d4669e3bbbe7c60ead9d5a51885

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Wed, 27 Jun 2018 14:27:30 GMT
Server: AmazonS3
x-amz-request-id: C1KJWJXXSEH46471
ETag: "2561e78e2558fe7a0da95fb9a1551ffe"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 5440
x-amz-id-2: yi0P+EhxslhbDVMpkJmoYpt2a4ZF41HHh65SkCUo38CxVca6t5cwjbWqphkHUXkXPVm6dwhbp0Q=

GET
H/1.1 200
OK white-right-pointing-backhand-index_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/docomo/205/ 3 KB
3 KB 203ms
203ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/docomo/205/white-right-pointing-backhand-index_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01d283d712541efae1f85d9f3580ac662636c94b7aa8f9a69aac1b34b657d85c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Fri, 12 Apr 2019 10:59:31 GMT
Server: AmazonS3
x-amz-request-id: C1KYQ6BW4008983P
ETag: "95cfbcdb7b6e07f801145c74c365b370"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 2572
x-amz-id-2: CNPDyhRFqII7hdpPprCAxTnR+8JpL4NYm2ZSt8ZFii5aW8NGbsyhClMZZaOAHocu8ZK23+/uka8=

GET
H/1.1 200
OK white-right-pointing-backhand-index_1f449.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/au-kddi/190/ 2 KB
3 KB 225ms
225ms Image
image/png 2600:1fa0:c0c0:2d0:34db:7141::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/au-kddi/190/white-right-pointing-backhand-index_1f449.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c0c0:2d0:34db:7141:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2d2b2182b5b1283578ceb38e4f6e0dd9a78874516e59b76c4c6ff655d977e9d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:21 GMT
Last-Modified: Sat, 09 Mar 2019 15:36:41 GMT
Server: AmazonS3
x-amz-request-id: C1KYDPTKMR4R55GZ
ETag: "160aca67c76dc21f488b5b23f1b2db5b"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 2229
x-amz-id-2: MvXJyT/2bf/ceokAAiWU7RKDfSxsXPibOQtAYcE3uJnFLNVwZH+fgfB7uofqpd87u1PB2YY2wYk=

GET
H2 200 jquery.min.1171de55ad62.js Show response
emojipedia.org/static/js/ 133 KB
38 KB 21ms
21ms Script
application/javascript 2606:4700:10::ac43:1ab6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://emojipedia.org/static/js/jquery.min.1171de55ad62.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1ab6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb46e2bf6f3a85b6f6adb3f66299403bb2e9adc528dd01fccc1f2bdcc05d78d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/backhand-index-pointing-right/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 57299
cf-polished: origSize=136096
strict-transport-security: max-age=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Nov 2021 10:38:46 GMT
server: cloudflare
etag: W/"61938a36-213a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cache-control: public, max-age=345600
cf-ray: 6cdbba2cad9e4e19-FRA
expires: Sat, 15 Jan 2022 10:43:20 GMT

GET
H2 200 site.cc90b96205fb.js Show response
emojipedia.org/static/js/ 17 KB
5 KB 15ms
15ms Script
application/javascript 2606:4700:10::ac43:1ab6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://emojipedia.org/static/js/site.cc90b96205fb.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1ab6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76113ac94f00eb22208a1a3f652571398c38f43339e11f765965ae50b8cf4614

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/backhand-index-pointing-right/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 57053
cf-polished: origSize=17649
strict-transport-security: max-age=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Oct 2018 09:12:49 GMT
server: cloudflare
etag: W/"5bd03791-44f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cache-control: public, max-age=345600
cf-ray: 6cdbba2cddce4e19-FRA
expires: Sat, 15 Jan 2022 10:47:26 GMT

GET
H2 200 lazy.f12b5efd22b1.js Show response
emojipedia.org/static/js/ 13 KB
4 KB 13ms
13ms Script
application/javascript 2606:4700:10::ac43:1ab6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://emojipedia.org/static/js/lazy.f12b5efd22b1.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1ab6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e03239557e46aeafe7874eb1be37a3a99be9bcea593843aef24937d78721c432

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/backhand-index-pointing-right/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 64752
cf-polished: origSize=13209
strict-transport-security: max-age=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Mar 2017 10:46:37 GMT
server: cloudflare
etag: W/"58be8f8d-3399"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cache-control: public, max-age=345600
cf-ray: 6cdbba2cfdea4e19-FRA
expires: Sat, 15 Jan 2022 08:39:07 GMT

GET
H2 200 751e4177-1659-409b-8176-45ccd0adeaff.json Show response
cdn.cookielaw.org/consent/751e4177-1659-409b-8176-45ccd0adeaff/ 4 KB
2 KB 30ms
13ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/751e4177-1659-409b-8176-45ccd0adeaff/751e4177-1659-409b-8176-45ccd0adeaff.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4257c93a6261660aceb5720da447af3c9fce0a1fa599169fb6e757c65d926cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: lo1blyL8LxCYvW8UJBxduQ==
age: 8207
vary: Accept-Encoding
content-length: 1546
x-ms-lease-status: unlocked
last-modified: Mon, 11 Oct 2021 12:12:06 GMT
server: cloudflare
etag: 0x8D98CB057D8F5F9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 290e3140-e01e-009b-6e38-bf55de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cdbba2cce506931-FRA
expires: Sat, 15 Jan 2022 06:38:19 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 193 B
398 B 50ms
21ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60756645bbed6ad3cc3e8be0a057dff15132f22b5b60cbe14e48250980043653

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cdbba2d8b392c19-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 43ms
20ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

37ffaf519d628423e1ea7147364a8d2af10c3b63f3ec5a9b598f989aeaafd74c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26979
x-xss-protection: 0
server: sffe
etag: "1102 / 738 of 1000 / last-modified: 1642206167"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 15 Jan 2022 02:38:19 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/ 47 KB
12 KB 31ms
7ms Script
text/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 486b06b2af04551671c2f02b8da9c31ccef25e26e4836e398961d6bbd56e141f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:19 GMT
Content-Encoding: gzip
Age: 481
X-Cache: HIT
Connection: keep-alive
Content-Length: 11988
x-amz-id-2: 9uhYNZBOfbnvutOS5GQCBYdFxQ5zco04oW8TWE0lf4PuAnV1S6clRPBzLIUWgjvEuOV+gxokILI=
X-Served-By: cache-hhn4083-HHN
Last-Modified: Sat, 15 Jan 2022 01:50:40 GMT
Server: AmazonS3
X-Timer: S1642214300.764327,VS0,VE0
ETag: "7ae14063f8273f61e538145eb931bfad"
x-amz-request-id: 53YB6BWKE67FDBH0
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 2

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 68ms
9ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: HFEsVPyG2xdk9_FYeN9qMCR4YggSwnaH
content-encoding: gzip
etag: 8d3665a9b316600491247ca6d78c204c
age: 170
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 00GTAGPZK37S8ZRGD5RF
date: Sat, 15 Jan 2022 02:35:29 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: LqONYWhKnQ6MjSflD4mKPKtfMi3erd2ZFu1JZHLncFUB8JKvDmQOuw==

GET
H2 200 me Show response
ipfind.co/ 352 B
466 B 541ms
201ms XHR
application/json 54.177.14.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.177.14.228 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-14-228.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: 9122995aaf7eb6fdd2cf382f313b2694f256507521cb457ec1db4adda29e5dba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:20 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://emojipedia.org
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 245

GET
H2 200 emojipedia-logo-32.00da97aa590a.png
emojipedia.org/static/img/logo/ 2 KB
3 KB 12ms
12ms Image
image/png 2606:4700:10::ac43:1ab6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emojipedia.org/static/img/logo/emojipedia-logo-32.00da97aa590a.png

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/static/css/emojipedia.0a1b040a6e2c.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1ab6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0275a238773358a8b942e94bc90a30adcf06b88d72b6f460b6048302b974544c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/static/css/emojipedia.0a1b040a6e2c.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 64741
cf-polished: origSize=5270
strict-transport-security: max-age=86400
content-length: 2485
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Feb 2017 09:41:17 GMT
server: cloudflare
etag: "58a4223d-1496"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Sat, 15 Jan 2022 08:39:18 GMT
cache-control: public, max-age=345600
accept-ranges: bytes
cf-ray: 6cdbba2d6e554e19-FRA
cf-bgj: imgq:85,h2pri

OPTIONS
H2 204 newor
newor.technoratimedia.com/openrtb/bids/ Frame 0
0 324ms
97ms Preflight 150.136.156.92
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://newor.technoratimedia.com/openrtb/bids/newor?src=prebid_prebid_4.43.0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://emojipedia.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Sat, 15 Jan 2022 02:38:20 GMT
access-control-allow-headers: content-type
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 314617924
age: 0
via: 1.1 varnish

GET
H2

200

embed_loader.js Show response
ssl.gstatic.com/trends_nrtr/2790_RC04/
Redirect Chain

https://ssl.gstatic.com/trends_nrtr/1015_RC10/embed_loader.js
https://ssl.gstatic.com/trends_nrtr/2790_RC04/embed_loader.js

13 KB
5 KB

20ms
19ms

Script
text/javascript

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/trends_nrtr/2790_RC04/embed_loader.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78b301fc217607b2126f9effa6726e425fd47d76c4ee056c363d5ab25ebe8e6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 23:49:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269359
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/izeitgeist
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5046
x-xss-protection: 0
last-modified: Sun, 12 Dec 2021 10:06:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="izeitgeist"
vary: Accept-Encoding
report-to: {"group":"izeitgeist","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/izeitgeist"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 11 Jan 2023 23:49:00 GMT

Redirect headers

date: Sat, 15 Jan 2022 02:28:15 GMT
x-content-type-options: nosniff
server: sffe
age: 604
content-type: text/html; charset=UTF-8
location: https://ssl.gstatic.com/trends_nrtr/2790_RC04/embed_loader.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0
expires: Sat, 15 Jan 2022 02:58:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/backhand-index-pointing-right/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5833
date: Sat, 15 Jan 2022 01:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 15 Jan 2022 03:01:06 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
940 B 38ms
12ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 747321
x-amz-request-id: tx405249188a46458ab6884-0061d5ef52
x-amz-id-2: tx405249188a46458ab6884-0061d5ef52
last-modified: Mon, 06 Dec 2021 11:00:36 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AngNKMRbPDUmjqlC%2F3H42iBI7Hqsfkor1nli98CDdbqZcvqo06cjujbNl8b5cr9HsON9zSBe1Kn8cBNIRkVTjB0AOgArw%2FonOlv3PCLxNo2KcUPRlUdJwITPopMRp8Nz703aokNo9%2BiRasnC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1638788436623244
cf-ray: 6cdbba2e2d7f4a5b-FRA

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
247 B 113ms
42ms XHR
application/json 2.21.142.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.142.98 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-142-98.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://emojipedia.org
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sat, 15 Jan 2022 02:38:19 GMT

POST
H2 204 newor Show response
newor.technoratimedia.com/openrtb/bids/ 0
293 B 295ms
100ms XHR
text/plain 150.136.156.92
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://newor.technoratimedia.com/openrtb/bids/newor?src=prebid_prebid_4.43.0
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 15 Jan 2022 02:38:20 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 323261852
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
341 B 153ms
31ms XHR
text/plain 34.255.245.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.255.245.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-245-33.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://emojipedia.org
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Sat, 15 Jan 2022 02:38:19 GMT
X-SMT-SessionId: 3784e5b6-a94c-40ee-b005-da9819aed827

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
341 B 154ms
31ms XHR
text/plain 34.255.245.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.255.245.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-245-33.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://emojipedia.org
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Sat, 15 Jan 2022 02:38:19 GMT
X-SMT-SessionId: d03c67ca-28a0-46d6-a819-ab0b38d25369

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
341 B 154ms
31ms XHR
text/plain 34.255.245.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.255.245.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-245-33.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://emojipedia.org
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Sat, 15 Jan 2022 02:38:19 GMT
X-SMT-SessionId: cb24553f-8f41-43f0-a9a3-31f62821e8d3

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
341 B 155ms
31ms XHR
text/plain 34.255.245.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.255.245.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-245-33.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://emojipedia.org
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Sat, 15 Jan 2022 02:38:19 GMT
X-SMT-SessionId: f05bf711-8cce-4d66-9c89-3122fa2c3018

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
341 B 156ms
32ms XHR
text/plain 34.255.245.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 34.255.245.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-245-33.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://emojipedia.org
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Sat, 15 Jan 2022 02:38:19 GMT
X-SMT-SessionId: 5e90dfee-d43f-4086-97d4-37a0b7e96c6d

POST
H2 200 prebid Show response
mp.4dex.io/ 99 B
476 B 73ms
40ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bbe56eec0f15f59faf362b660e4c89f75353eff99e6bddaddbb0fd1d7f3154b

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 6cdbba2e483d8b96-FRA
pragma: no-cache
date: Sat, 15 Jan 2022 02:38:19 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Selecting bids. No selected bids
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emojipedia.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
698 B 29ms
11ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:19 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 0710d21d-b2e7-4d06-82ac-d94ac2a4369c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://emojipedia.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
224 B 246ms
32ms XHR
text/plain 99.81.30.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22waldo-tag-10210%22%2C%22callback_id%22%3A%2232aab9be5dca024%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222759516352719823367%22%7D%2C%7B%22placement_id%22%3A%22waldo-tag-10211%22%2C%22callback_id%22%3A%22335f6974489b5a5%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222759516352719823367%22%7D%2C%7B%22placement_id%22%3A%22waldo-tag-10212%22%2C%22callback_id%22%3A%22349bd088dc00706%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222759516352719823367%22%7D%2C%7B%22placement_id%22%3A%22waldo-tag-12170%22%2C%22callback_id%22%3A%2235651de14348ff5%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222759516352719823367%22%7D%2C%7B%22placement_id%22%3A%22waldo-tag-12171%22%2C%22callback_id%22%3A%223647b6d572f7872%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222759516352719823367%22%7D%5D&page_url=https%3A%2F%2Femojipedia.org%2Fbackhand-index-pointing-right%2F&bust=1642214299848&pr=&scrd=1&dnt=false&description=&title=%F0%9F%91%89%20White%20Right%20Pointing%20Backhand%20Index%20Emoji&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22newormedia.com%22%2C%22sid%22%3A%2210175%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.30.72 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-30-72.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
pragma: no-cache
date: Sat, 15 Jan 2022 02:38:20 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 auction Show response
tlx.3lift.com/header/ 9 KB
3 KB 150ms
120ms XHR
application/json 3.125.147.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Femojipedia.org%2Fbackhand-index-pointing-right%2F&tmax=3000

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.147.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-147-153.eu-central-1.compute.amazonaws.com

Software

Resource Hash

bf158fc69da0910b69e5a37ba6ba48a5ca21dbdd93eb66181dd32451ee519e0b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emojipedia.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2632
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
329 B 139ms
95ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dVQ06ADzGr6yooaKlId8sQ
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: ae3b508b6a71f08dac15104d30c0564d550724526a946c3d16a2ea9445bea3fc

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
149 B 143ms
100ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dVQ06ADzGr6yooaKlId8sQ
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 4da6d55165d7ba29aa657a65e7d1ba4833610c35da9866b6d363e1821e238561

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 152ms
109ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dVQ06ADzGr6yooaKlId8sQ
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 92f48ea688242a2323f6a25d777bc9aaba7280330287af2186eaf8dde3c35e98

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
149 B 151ms
109ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dVQ06ADzGr6yooaKlId8sQ
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 1ff5ecd6eb82e840a12ea09d574655d61c586d86dbb260219f8e04b74ba48316

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 153ms
110ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dVQ06ADzGr6yooaKlId8sQ
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 80d0af3cae7dafc5bea45c8260c6dc27fbe610333f2f962075f71812346b4fd5

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
501 B 65ms
34ms XHR
application/json 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://emojipedia.org
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
392 B 414ms
97ms XHR
application/json 34.197.208.127
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_ptd=1133038,1133037,1133037,1133037,1137836&ntv_pb_rid=5518de8848aed13&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoid2FsZG8tdGFnLTEwMjEwIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbNzI4LDkwXV19fX0seyJhZFVuaXRDb2RlIjoid2FsZG8tdGFnLTEwMjExIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19LHsiYWRVbml0Q29kZSI6IndhbGRvLXRhZy0xMDIxMiIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJ3YWxkby10YWctMTIxNzAiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoid2FsZG8tdGFnLTEyMTcxIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDYwMF1dfX19XX0=&ntv_url=https%3A%2F%2Femojipedia.org%2Fbackhand-index-pointing-right%2F
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.208.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-208-127.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:20 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://emojipedia.org
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
337 B 267ms
233ms XHR
text/plain 2606:4700:10::6816:2460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Jan 2022 02:38:20 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
cf-ray: 6cdbba2e4ce54339-FRA

GET
H2 200 arj Show response
the-eighth-d.openx.net/w/1.0/ 73 B
378 B 106ms
18ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://the-eighth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Femojipedia.org%2Fbackhand-index-pointing-right%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=27369471-3810-47db-ba6a-521a800d4675%2C691240a2-7907-4629-9301-5d75ac4542f5%2C8ab748a7-8419-4fff-be27-a06e462fd98f%2Cde8c3796-d251-4022-8d0a-c03ebe638d9d%2Cd567ed96-07ac-488c-a8d9-e3f0af6b7df2&nocache=1642214299853&schain=1.0%2C1!newormedia.com%2C10175%2C1%2C%2C%2C&aus=728x90%7C300x250%7C300x250%7C300x250%7C300x600&divids=waldo-tag-10210%2Cwaldo-tag-10211%2Cwaldo-tag-10212%2Cwaldo-tag-12170%2Cwaldo-tag-12171&aucs=%2C%2C%2C%2C&auid=545728921%2C545728922%2C545728923%2C545728917%2C545728916
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: aa66c613125eacfbe148ed0adff3980002acda629ce8ef81336b1903a00573f8

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
server: OXGW/17.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://emojipedia.org
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 3 KB
3 KB 118ms
76ms XHR
application/json 2.21.111.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=642675&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2273df8c99db8632%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Femojipedia.org%2Fbackhand-index-pointing-right%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22newormedia.com%22%2C%22sid%22%3A%2210175%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2274ba742ff015582%22%2C%22ext%22%3A%7B%22siteID%22%3A%22642675%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%227545fa0a40051d7%22%2C%22ext%22%3A%7B%22siteID%22%3A%22642676%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2276f7db6010aa74e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22642677%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.111.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-111-28.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ee277d642f8d75f231f7102fdf57b67141b892cf99d12aacfa54a9d465a69428

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:19 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[138.199.38.132], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://emojipedia.org
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 3084
x-ak-client-geo: 12
expires: Sat, 15 Jan 2022 02:38:19 GMT

POST
H2 204 hbjson Show response
grid.bidswitch.net/ 0
138 B 306ms
133ms XHR
text/plain 3.125.179.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.179.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-179-199.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
date: Sat, 15 Jan 2022 02:38:20 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
346 B 492ms
310ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
date: Sat, 15 Jan 2022 02:38:19 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 222
vary: origin, Accept-Encoding

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
113 B 58ms
15ms XHR
text/plain 18.185.195.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.195.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-195-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
date: Sat, 15 Jan 2022 02:38:19 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 99ms
56ms XHR
text/plain 18.185.195.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.195.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-195-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
date: Sat, 15 Jan 2022 02:38:19 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 58ms
15ms XHR
text/plain 18.185.195.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.195.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-195-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
date: Sat, 15 Jan 2022 02:38:19 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 65ms
22ms XHR
text/plain 18.185.195.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.195.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-195-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
date: Sat, 15 Jan 2022 02:38:19 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 64ms
22ms XHR
text/plain 18.185.195.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.195.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-195-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
date: Sat, 15 Jan 2022 02:38:19 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 11 KB
6 KB 155ms
92ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 008223536acf499a9b01dc9d1c42ecfb19a87738fc30c7c5cb64c1595073624b

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sat, 15 Jan 2022 02:38:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://emojipedia.org
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

POST
H2 200 bid-request Show response
rtb.adpone.com/ 768 B
721 B 87ms
49ms XHR
application/json 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=121111163739980
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dea863a7368bc52fde75678ea13b04eb95f84dd7e0592381a1b8649909ed6cb4

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fNaY2bPLOSfNhfbk09qYzkgsU5iyEZ5b%2FdeUbhC9N4z4I3prQu5QPxlUxtZrc%2FEkXxmWPqGKiD9GkDgZvWAj4tI5dbagSw4JEMpq0gz82FFNAQ0bgVB69sGZxcp4ZAUbqG1hDPf6G1L%2BzHal"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
cf-ray: 6cdbba2e5ff2699f-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 770 B
723 B 85ms
48ms XHR
application/json 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=121111163731213
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: abc65847aabd88ea47651d16819923cf0ebc405bc0ff9b62e707c0668e93f9c6

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7J%2FAI3LXrzPKR2qxQF6Dfo8q7KT0LA%2BrgOFxSCeTfqEHREfcrE5%2BoHnBIO666%2Fx6nxvlb0nN%2FcvsRdkrd1bOAMR8fTBBxVCdFJ%2Fj9zh6zswa%2FXNvsYki723D3IT002rEG4mrixYx4LuUUpY0"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
cf-ray: 6cdbba2e5ff3699f-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 770 B
986 B 81ms
45ms XHR
application/json 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=121111163731213
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52246f76d5fa8784fe164add3df0d6ef7558b9395517dd0856eb2f646a64dbdd

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gKWRqOwmgWVYStr6DscOG%2B238h928McvIEMljDlGLlM0MiHIJfRR7TsthDQ7xrlFibtpNMkv9iO3U6pSh%2FhsDMRKpdSihxIFeH038AZB1SX%2FnzH0pSwZgk1cqSfIGDMg2yx5Bp8LHIH4zLWR"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
cf-ray: 6cdbba2e5ff6699f-FRA

POST
H2 200 bid-request Show response
rtb.adpone.com/ 770 B
720 B 85ms
49ms XHR
application/json 2606:4700:20::ac43:49e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.adpone.com/bid-request?pid=121111163755628
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1aa169c4bdd8d91750446247c8d723d07fa10e9a2acb08d75450338ad2a81fd

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13BesXRnNbkE4P1ONZ77nRejpGhPhQTH%2BzU3a58TCko7MKo5HKPQYQ3MlYy9OGb%2FK6p4MGQLgBJ6rP7cRkHscOKr%2BNSXldpBlviZOzP%2FOsZ5riAOg43hiS47g7CuGrtIHj3MSRO4zuwgBjwm"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
cf-ray: 6cdbba2e5ff9699f-FRA

POST
H/1.1 200
OK track-impression Show response
thisiswaldo.com/js/ 1 B
376 B 335ms
118ms XHR
application/json 52.15.219.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thisiswaldo.com/js/track-impression

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Sat, 15 Jan 2022 02:38:20 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.4.29 (Ubuntu)
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201121212/ 187 KB
60 KB 9ms
8ms Script
application/javascript 151.101.129.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202201121212/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a15a6c44ba88f460140342742241389ecce4f4992e22b24652393316530d53d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:19 GMT
Content-Encoding: gzip
Age: 588
X-Cache: HIT
Connection: keep-alive
Content-Length: 60774
x-amz-id-2: cYWyxfzeIWCogmwS0ZbnWhhe1amgOJUpb6DYYTxUPzejgUFeMLM83pdc1lXcsvjBlGr4cuv5Y20=
X-Served-By: cache-hhn4083-HHN
Last-Modified: Wed, 12 Jan 2022 17:19:54 GMT
Server: AmazonS3
X-Timer: S1642214300.873916,VS0,VE0
ETag: "cc4d6e3d41962aa4f7392062fe0321f4"
x-amz-request-id: Q14KHGJZ6DEBK5M8
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 229

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.23.0/ 312 KB
75 KB 14ms
13ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: joMckLq8BtEunD8NH/4XVA==
age: 8236
vary: Accept-Encoding
content-length: 76366
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:58 GMT
server: cloudflare
etag: 0x8D96DBF6CBEE741
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 804868b5-301e-0077-1904-f65da7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cdbba2e3a2e4a55-FRA

GET
H2 200 pubads_impl_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ 352 KB
118 KB 16ms
15ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 22:23:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15314
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121009
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 14 Jan 2023 22:23:05 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 95 B
114 B 41ms
15ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=emojipedia.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

456d9df6b2a652d0f54f0287bb107b94d4c276b15edb9b97daca5b26c2fd9efc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89
x-xss-protection: 0
expires: Sat, 15 Jan 2022 02:38:19 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 27ms
25ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=759775593&t=pageview&_s=1&dl=https%3A%2F%2Femojipedia.org%2Fbackhand-index-pointing-right%2F&ul=en-us&de=UTF-8&dt=%F0%9F%91%89%20White%20Right%20Pointing%20Backhand%20Index%20Emoji&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1825064634&gjid=1797785940&cid=264645518.1642214300&tid=UA-43649623-1&_gid=370556625.1642214300&_r=1&_slc=1&z=1863791510

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://emojipedia.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 14ms
13ms XHR
text/plain 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Femojipedia.org&pubid=094e2c86-72d9-47d6-a647-d95ce39ad4c7
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:16:43 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
server: Server
age: 1296
x-cache: Hit from cloudfront
access-control-allow-origin: https://emojipedia.org
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: YcjCGpPKzQms6ZSbeGARDJSVG4PgnicCQpMyVb8GY05S14JK6iaaew==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 50ms
49ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Femojipedia.org%2Fbackhand-index-pointing-right%2F&pid=34kpsfSXrR3ID&cb=0&ws=1600x1200&v=7.72.0&t=2250&slots=%5B%7B%22sd%22%3A%22waldo-tag-10210%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia728x90FS_1%22%7D%2C%7B%22sd%22%3A%22waldo-tag-10211%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x250FX_1%22%7D%2C%7B%22sd%22%3A%22waldo-tag-10212%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x250FX_2%22%7D%2C%7B%22sd%22%3A%22waldo-tag-10213%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x250FX_3%22%7D%2C%7B%22sd%22%3A%22waldo-tag-10321%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x250FX_4%22%7D%2C%7B%22sd%22%3A%22waldo-tag-10646%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia728x90FS_2%22%7D%2C%7B%22sd%22%3A%22waldo-tag-11040%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x600FX_1%22%7D%2C%7B%22sd%22%3A%22waldo-tag-12170%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x250FX_5%22%7D%2C%7B%22sd%22%3A%22waldo-tag-12171%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x600FX_2%22%7D%2C%7B%22sd%22%3A%22waldo-tag-12554%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x250FX_6%22%7D%2C%7B%22sd%22%3A%22waldo-tag-12555%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x250FX_7%22%7D%5D&pubid=094e2c86-72d9-47d6-a647-d95ce39ad4c7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: G0W0DNF7GS5RTJW9KWY4
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: tbnLQiXs-BExD0ilbWrSZZuXjOBqfeIp9gsvDfqcswEwipbsHVpsPA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 26ms
8ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 04:02:52 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 81328
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 22 Dec 2021 01:41:37 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: L2_MRp8KwiUR7xIWXZFooLHRBfnaqY96
via: 1.1 6b8ac2d6d64dc42007741d312e2d73aa.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: wx3e52yxAqqDGKmu2o2J1GzCHzRieC5erm_ku4NbHpb4mmqvKlebDA==

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
23 KB 31ms
16ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 747335
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx27c091e7a51d425285ff6-0061adedd1
x-amz-id-2: tx27c091e7a51d425285ff6-0061adedd1
last-modified: Mon, 06 Dec 2021 11:00:35 GMT
server: cloudflare
etag: W/"d56fadf5a52703aee9982c415a17065a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zUBuokSZYrDwDikBP90UhAa4kLGbYp5vsciyJxqhZOU5WIz%2Fo3TgOCJWrJnI5vy8lQoFI0sFF1DqMCGsjSzLzRrzi4BQ1UH1zVfdPw990SosQDxEDWAq8B8ndVCTWTKeU6G9VRbrFzLsEIP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1638788435319991
cf-ray: 6cdbba2e8dd85c50-FRA
access-control-allow-headers: Authorization

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/751e4177-1659-409b-8176-45ccd0adeaff/e0397f92-d6e8-46b8-9a16-0d2a09450f74/ 115 KB
20 KB 13ms
13ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/751e4177-1659-409b-8176-45ccd0adeaff/e0397f92-d6e8-46b8-9a16-0d2a09450f74/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1d5c34e467b28678e5991174197c0ed1391df1e2d9ba260b4492849c6bcad05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: yi9kCz6xewK5Qv5Fp+bIvg==
age: 8178
vary: Accept-Encoding
content-length: 19856
x-ms-lease-status: unlocked
last-modified: Mon, 11 Oct 2021 12:12:05 GMT
server: cloudflare
etag: 0x8D98CB05778E940
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8f100fc5-901e-017e-0c38-bf017c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cdbba2e88aa6931-FRA
expires: Sat, 15 Jan 2022 06:38:19 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 56ms
17ms XHR
text/plain 2a00:1450:400c:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43649623-1&cid=264645518.1642214300&jid=1825064634&gjid=1797785940&_gid=370556625.1642214300&_u=IEBAAEAAAAAAAC~&z=849010283

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 15 Jan 2022 02:38:19 GMT
content-type: text/plain
access-control-allow-origin: https://emojipedia.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 13 KB
3 KB 16ms
16ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: r7t3xbAZ3QK/7lQuu5X7ww==
age: 6933470
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:51 GMT
server: cloudflare
etag: 0x8D96DBF68EC8D5B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 46effa15-001e-00fc-7ea9-cae679000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cdbba2ed90c6931-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.23.0/assets/v2/ 47 KB
11 KB 17ms
17ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59415c8f1106151e421f5a3e46e8f8aca679ea9cefba5eb1d386ca0381d48c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +0xPzL52AeUkZsqLfWvieg==
age: 7612186
vary: Accept-Encoding
content-length: 11387
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:53 GMT
server: cloudflare
etag: 0x8D96DBF69F1D28E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c3d3f22d-901e-015c-0a6c-c46f4a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6cdbba2ed90f6931-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 20 KB
4 KB 15ms
14ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 15 Jan 2022 02:38:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 7612184
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:12:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: db151a6a-c01e-000f-746c-c43510000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6cdbba2ed9116931-FRA

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 417ms
16ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=emojipedia.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 15 Jan 2022 02:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 415ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=emojipedia.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 15 Jan 2022 02:38:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
339 B 49ms
49ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=333591218819705&correlator=3762666942821002&output=ldjh&impl=fifs&eid=31061165&vrg=2022011002&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20220115&iu_parts=124067137%3A21872898416%2Cemojipedia728x90FS_1%2Cemojipedia300x250FX_1%2Cemojipedia300x250FX_2%2Cemojipedia300x250FX_5%2Cemojipedia300x600FX_2%2Cemojipedia_video_unit&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x600%2C566x387&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.04%26hb_adid%3D1061187a9a8f3d28%26hb_bidder%3Dix%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.14%26hb_adid%3D108e2306149ed64f%26hb_bidder%3Dtriplelift%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D1097ff5699508176%26hb_bidder%3Dtriplelift%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.14%26hb_adid%3D110c690dab6ab392%26hb_bidder%3Dtriplelift%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.04%26hb_adid%3D114bae8b27116512%26hb_bidder%3Dsovrn%7C&eri=1&cust_params=adx_account%3Dnewor_media_adx%26ob_appnexus%3D1%26ob_ix%3D1%26ob_justpremium%3D1%26ob_medianet%3D1%26ob_openx%3D1%26ob_pubmatic%3D1%26ob_rubicon%3D1%26ob_sovrn%3D1%26ob_triplelift%3D1%26universal_passback%3Dyes&cookie_enabled=1&bc=31&abxe=1&lmt=1642214300&dt=1642214300485&dlt=1642214299570&idt=365&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C975%2C460%2C975%2C975%2C-9&adys=188%2C673%2C4969%2C1512%2C3162%2C-9&adks=2220004319%2C804184230%2C1750055895%2C3329957131%2C1656295031%2C1615582414&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Femojipedia.org%2Fbackhand-index-pointing-right%2F&vis=1&scr_x=0&scr_y=0&psz=1600x90%7C300x250%7C620x250%7C300x250%7C300x600%7C0x-1&msz=1600x90%7C300x250%7C620x250%7C300x250%7C300x600%7C0x-1&ga_vid=264645518.1642214300&ga_sid=1642214300&ga_hid=759775593&ga_fc=true&fws=0%2C0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

34b976149f659c4486abf82731fd5ccabd5259579c4c922e599d90981f1a9905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:20 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 309
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://emojipedia.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
23607e767bfd81b0afb8975378da577f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 85FD 6 KB
4 KB 88ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://23607e767bfd81b0afb8975378da577f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 15 Jan 2022 02:38:20 GMT
expires: Sun, 15 Jan 2023 02:38:20 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 57ms
18ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39d71539adec07624282a7e04cbfb8c8d7cb0e84aebfd62d18c5ec9e8084bcbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 15 Jan 2022 02:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8760
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 63ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Jan 2022 02:38:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4C61 13 KB
5 KB 25ms
8ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Jan 2022 21:56:22 GMT
expires: Sat, 14 Jan 2023 21:56:22 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 16919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F0E2 783 B
1 KB 40ms
18ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

85cb3cefbb32ab3462b1400e1b8128352a6b1e0a6984b3c3ed3b4dd1c0f8e229

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qMPM/T8VSR4VuT0340/2Jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 15 Jan 2022 02:38:21 GMT
date: Sat, 15 Jan 2022 02:38:21 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-qMPM/T8VSR4VuT0340/2Jg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s22cBc76vWepYNwqq7rK-TaORqePB7gQ6sezXyyrHgA.js Show response
pagead2.googlesyndication.com/bg/ Frame 4C61 35 KB
13 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s22cBc76vWepYNwqq7rK-TaORqePB7gQ6sezXyyrHgA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b36d9c05cefabd67a960dc2aabbacaf9368e46a78f07b810eac7b35f2cab1e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 08:14:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13484
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Jan 2023 08:14:58 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F0E2 0
0 23ms
22ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=333591218819705&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4C61 0
9 B 6ms
6ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-LQMvA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=333591218819705&bg=!m5ilmNzNAAaocxMpqHM7ACkAdvg8WiAfY5CngTwUS0CwQmY_aXZJgqrrBBvApvSS_ei8StNM_6Xi8QIAAABMUgAAAAJoAQcKAFdeQX_WaXYLcmFFBUROyU4kAgElr3l3cEcBK0-VR0Q7AeKVGWuvmUsu4UQTPTHg0mGEkZzJgQrQJb-DzkpkgIl4am27BBRGmz5MnTkstwvWVKDw14YFr5CZAuB7r3cks03636_xSd7LSYjUmRhgkup33BgNeHFX7mM1Ty-giUb2TZrTQZL2eOC38LccJ06DnesMmpobYXPpWqP5NZE5MBSlSff1lQKMD8kW11PDzq2xDRBXUaFEouMhBt4axv22oT03DrZuRcysQD3VRDlPe8lNuuCZUO6drv26fyMiDw41SUxarVVBtooLP1IKxmNXoRumCifXoNsBoXx02451ctVQzuahGbK55-LY8UMmVp0CW5yVXKHIX2mdACB97uFY4gKMhbTMMp7oNPIlQbNr2HjHrgSkPnL22vPxjNHv9Vu9sfRuQOKqK3OMQQn4ohQmAj2O3IL8x3pqGyJoKZQ0dFOkQ4q2hfW39fQ8wT4oPXyWTzrqzOnwi8yhmIk1uemx06XIvklAM96A1aXvY0GzAtITy8G26VFdRtBqWSYVl-J3MO3V-Y9yjwbq5hKuyhucyexBwoWfYfQZ6VsYfCz5Xtr0e3R80VR2435nWLLsnS-51Dw53vuV7tEUUf49GAnRuYZ55yYGodXiD9Ll8ZzpCtmFMOSVV2HRMhR6k_F3ZIDtbkOYRNIDMLIeFF29wqIk5py82LcE3TJbex4FNP9AmMZSuSHs8x6Nl-HU7FgD_LdqIKTnGNzn464K1LPeiCFv69IMnTDgaf19A6BM4n9_UXMOA1sDUFOpvRMnBHnzhjZZgOScdyB09czkn-01Se9XBfli3ZGpJbfhcfh138-xVKLSqb8v13r-R-2mZVEZUquIKtjhg5DB4Unh0i2A4Uq-oKXdM5z6FmY22xzw9W10iUVj4prm19cLGQNwJ2pKTCwo76p4Sih_H71wbq21RS3ZT1PzyAg_M-gQrgWeqRt2bY8vD2wNEoJGbfYhBj4SmVBSWRqdtvIip_SOSe0fNJ6vbwdvg-EfS64rbHcPoBDpW-yvdMQS81UbmIFaKgsmiGXnG8EKQkALEqFIWrpQ_JOYo6Tisz3PKcrzluYy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame FDC3 4 KB
1 KB 133ms
124ms Document
text/html 2606:4700:10::6816:2460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4a0c36e37f0e9212ff2c01309ce47217bacb92f4ee38f5ecc3b0f55be9564dc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6cdbba4548e34339-FRA
content-encoding: gzip

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E4F1 2 B
75 B 8ms
7ms Document
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1642214299921

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 28
strict-transport-security: max-age=15552000

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame 8D3D 20 KB
6 KB 47ms
7ms Document
text/html 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.0
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frd/E2F8) /
Resource Hash: 836ab705526221b8f0c5006c7e16a6cd4a26eb9e1c1533e73520e82fad6b2c43

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 287
cache-control: max-age=900
content-type: text/html; charset=UTF-8
date: Sat, 15 Jan 2022 02:38:23 GMT
etag: "4e55-5d218fd2a2900"
expires: Sat, 15 Jan 2022 02:53:23 GMT
last-modified: Wed, 01 Dec 2021 17:27:32 GMT
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server: ECAcc (frd/E2F8)
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-varnish: 658433297
content-length: 6086

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 9235 2 KB
1 KB 43ms
8ms Document
text/html 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 15 Jan 2022 02:38:23 GMT
Content-Length: 1151
Connection: keep-alive

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame CA46 0
0 77ms
26ms Document
text/plain 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=12352498
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Sat, 15 Jan 2022 02:38:23 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap3ams1

GET
H2

200

sync Show response
eb2.3lift.com/ Frame 410D
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

8ms
8ms

Document
text/html

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: 3dc95b708c4b4665673a0c143d46cdcf9a0f4d1fc8cf0c0536ac817fde844bb9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
content-type: text/html; charset=utf-8
content-length: 459
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Sat, 15 Jan 2022 02:38:23 GMT
content-length: 0
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame A459 0
91 B 23ms
16ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.0.0
date: Sat, 15 Jan 2022 02:38:23 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 6552 0
0 338ms
105ms Document
text/plain 67.202.105.24
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dVQ06ADzGr6yooaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.24 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip24.67-202-105.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-33x-status: 2000208
server: 33XP005
date: Sat, 15 Jan 2022 02:38:23 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7C9A 52 KB
17 KB 29ms
7ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 13 Jan 2022 02:32:42 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Sat, 15 Jan 2022 02:38:23 GMT
Age: 338
X-Served-By: cache-lga13628-LGA, cache-hhn4068-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 1136
X-Timer: S1642214304.588000,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1

200
OK

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cad80f15-8c8e-4849-a6a9-874ed4851e1f&ssp=themediagrid

43 B
220 B

8ms
8ms

Image
image/gif

18.157.225.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cad80f15-8c8e-4849-a6a9-874ed4851e1f&ssp=themediagrid
Protocol: HTTP/1.1
Server: 18.157.225.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-225-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=cad80f15-8c8e-4849-a6a9-874ed4851e1f&ssp=themediagrid
Date: Sat, 15 Jan 2022 02:38:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 200 /
onetag-sys.com/usync/ 2 B
75 B 8ms
7ms Image
text/plain 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-length: 28

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 410D 70 B
265 B 100ms
32ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

404

xuidmid=7976&xuid=Vm56ls2fp&dongle=u6nf
eb2.3lift.com/ Frame 410D
Redirect Chain

https://ad.mrtnsvr.com/sync/triplelift
https://eb2.3lift.com/xuidmid=7976&xuid=Vm56ls2fp&dongle=u6nf

37 B
155 B

9ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuidmid=7976&xuid=Vm56ls2fp&dongle=u6nf
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
cache-control: no-cache, no-store, must-revalidate
x-error: Not Found
content-length: 37
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuidmid=7976&xuid=Vm56ls2fp&dongle=u6nf
date: Sat, 15 Jan 2022 02:38:23 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 92
vary: Origin
content-type: text/html; charset=utf-8

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 410D 170 B
502 B 55ms
18ms Image
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 410D
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTczNjM4NjQxMTEwNjE0NzAwMDc%3D

170 B
232 B

46ms
19ms

Image
image/png

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTczNjM4NjQxMTEwNjE0NzAwMDc%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTczNjM4NjQxMTEwNjE0NzAwMDc%3D
date: Sat, 15 Jan 2022 02:38:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 410D 0
704 B 129ms
109ms Image
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=17363864111061470007&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D30B6A73BDD1445A91871CCDD920D7B1 Ref B: FRAEDGE0813 Ref C: 2022-01-15T02:38:23Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXVldA3jh9W1ItM26/q8w==

GET
H2

200

xuid
eb2.3lift.com/ Frame 410D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/17363864111061470007?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-nwxYpCpE2oT1wMTKy1CuZ9Br6pzsADZ5tdV7ZywY3Q--~A&dongle=0883

37 B
352 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-nwxYpCpE2oT1wMTKy1CuZ9Br6pzsADZ5tdV7ZywY3Q--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Sat, 15 Jan 2022 02:38:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-nwxYpCpE2oT1wMTKy1CuZ9Br6pzsADZ5tdV7ZywY3Q--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 410D 43 B
220 B 14ms
8ms Image
image/gif 18.157.225.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=17363864111061470007&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.225.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-225-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame 410D 42 B
592 B 71ms
48ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=17363864111061470007&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
etag: "9ea1ae3587d81:0"
last-modified: Wed, 12 Jan 2022 02:05:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2D198017993145B8A98E92C441418516 Ref B: FRA31EDGE0119 Ref C: 2022-01-15T02:38:23Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame 410D
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=17363864111061470007
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=17363864111061470007&dcc=t

0
0

100ms
100ms

Image
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=17363864111061470007&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 6PKY1TMGHT1NZWD9V6RD
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=17363864111061470007&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 410D
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

9ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:24 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 7C9A
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
805 B

7ms
7ms

Script
text/html

37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9bae3050-f5fb-472d-8631-5962e42004b8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3342c9e9-3b91-4cac-8fd1-1dc6ff149300
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

usermatch Show response
ssum-sec.casalemedia.com/ Frame F446
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
3 KB

20ms
20ms

Document
text/html

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bb2a3abffc3c42f8139ef2c77db3fbfb7f8d01c555a4872aade39cd14ed7ea7f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 230|45|39|241|73|218|81|152
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1632
Expires: Sat, 15 Jan 2022 02:38:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
Connection: keep-alive

Redirect headers

Server: Apache
Content-Length: 314
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Sat, 15 Jan 2022 02:38:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
Connection: keep-alive

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDC3
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4e9d420dc3111273db574360

43 B
95 B

123ms
123ms

Image
image/gif

2606:4700:10::6816:2460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4e9d420dc3111273db574360
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6cdbba46db2c4339-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Sat, 15 Jan 2022 02:38:23 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=4e9d420dc3111273db574360
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDC3
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ULovr29E2uFIh2PmMwIJ9HIPbEVLa_ZGmPaPQls-~A

43 B
95 B

125ms
125ms

Image
image/gif

2606:4700:10::6816:2460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ULovr29E2uFIh2PmMwIJ9HIPbEVLa_ZGmPaPQls-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6cdbba46aae54339-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ULovr29E2uFIh2PmMwIJ9HIPbEVLa_ZGmPaPQls-~A
date: Sat, 15 Jan 2022 02:38:23 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDC3
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP35bd0f4a-75ac-11ec-8cb4-029c5bbfc4f2
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP35bd0f4a-75ac-11ec-8cb4-029c5bbfc4f2

43 B
95 B

128ms
126ms

Image
image/gif

2606:4700:10::6816:2460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP35bd0f4a-75ac-11ec-8cb4-029c5bbfc4f2
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6cdbba46fb6a4339-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP35bd0f4a-75ac-11ec-8cb4-029c5bbfc4f2
date: Sat, 15 Jan 2022 02:38:23 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 /
s.ad.smaato.net/c/ Frame FDC3 0
241 B 50ms
8ms Image
text/plain 2600:9000:2057:5400:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:5400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: x1uFEFcBGAR9N8YUvXxCTgYMuxENJtDBOIyIWT7F_VBUY1-7J5fVZw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDC3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7589303835506956694

43 B
95 B

177ms
176ms

Image
image/gif

2606:4700:10::6816:2460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7589303835506956694
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6cdbba463a5a4339-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: acf79915-36ef-45fa-943a-ec39225772d9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=7589303835506956694
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDC3
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1d938a97-8d3d-4f45-ae7e-8d46a677a3b8

43 B
95 B

128ms
128ms

Image
image/gif

2606:4700:10::6816:2460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1d938a97-8d3d-4f45-ae7e-8d46a677a3b8
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6cdbba468aba4339-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=1d938a97-8d3d-4f45-ae7e-8d46a677a3b8
date: Sat, 15 Jan 2022 02:38:23 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDC3
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7589303835506956694

43 B
106 B

135ms
135ms

Image
image/gif

2606:4700:10::6816:2460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7589303835506956694
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6cdbba464a744339-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 220afc1a-1dcd-48b0-9bb7-e455ad4e452c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=7589303835506956694
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDC3
Redirect Chain

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=644887bc-4965-ae6d-2978-da7b557accee

43 B
95 B

122ms
121ms

Image
image/gif

2606:4700:10::6816:2460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=644887bc-4965-ae6d-2978-da7b557accee
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6cdbba482d294339-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=644887bc-4965-ae6d-2978-da7b557accee
pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: origin
expires: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame FDC3
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=58e52350-9bef-510f-96a4-e080f746d31f

43 B
118 B

127ms
127ms

Image
image/gif

2606:4700:10::6816:2460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=58e52350-9bef-510f-96a4-e080f746d31f
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6cdbba477c024339-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=58e52350-9bef-510f-96a4-e080f746d31f
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame FDC3 0
474 B 71ms
14ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame FDC3 43 B
1009 B 41ms
9ms Image
image/gif 54.36.109.48
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.48 , France, ASN16276 (OVH, FR),

Reverse DNS

p03.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:23 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame F446 170 B
188 B 40ms
23ms Image
image/png 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YeIzn_0FNBixR98UV2WfgQAABIsAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F446
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YeIzn-0FNBixR98UV2WfgQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFv6-34EY1ijsQ39Q9aoJM8&google_cver=1&gdpr=1

43 B
1000 B

21ms
14ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFv6-34EY1ijsQ39Q9aoJM8&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 15 Jan 2022 02:38:23 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFv6-34EY1ijsQ39Q9aoJM8&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F446 70 B
264 B 31ms
30ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F446
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeIzn_0FNBixR98UV2WfgQAABIsAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeIzn_0FNBixR98UV2WfgQAABIsAAAIB&dcc=t

43 B
645 B

107ms
107ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeIzn_0FNBixR98UV2WfgQAABIsAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:24 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: X97PMPCQ77RVJQRB9C5X
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 74BP3YEZ4SAMA1DANAP5
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YeIzn_0FNBixR98UV2WfgQAABIsAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 YeIzn_0FNBixR98UV2WfgQAABIsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F446 43 B
873 B 44ms
39ms Image
image/gif 2a05:d018:d29:3602:74fc:7750:9e36:ae36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YeIzn_0FNBixR98UV2WfgQAABIsAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:74fc:7750:9e36:ae36 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YeIzn-0FNBixR98UV2WfgQAA%261163
dpm.demdex.net/ Frame F446 0
0 119ms
30ms Image
application/json 34.247.200.0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YeIzn-0FNBixR98UV2WfgQAA%261163?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.200.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-200-0.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F446
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=rVcfHKhVQ0i2BEIWogdXGPlWSEq2B0Ic_lCSQRoo

43 B
1013 B

13ms
13ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=rVcfHKhVQ0i2BEIWogdXGPlWSEq2B0Ic_lCSQRoo
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 15 Jan 2022 02:38:23 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=rVcfHKhVQ0i2BEIWogdXGPlWSEq2B0Ic_lCSQRoo
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F446
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0dd94066-9d92-43ca-b3d5-41c7855ca3d6

43 B
1 KB

13ms
13ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0dd94066-9d92-43ca-b3d5-41c7855ca3d6
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:24 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 15 Jan 2022 02:38:24 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:24 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0dd94066-9d92-43ca-b3d5-41c7855ca3d6
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame F446 43 B
425 B 7ms
7ms Image
image/gif 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YeIzn-0FNBixR98UV2WfgQAA%261163
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:23 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "da1f1d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1448
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 15 Jan 2022 03:02:31 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame FE01 1 KB
3 KB 17ms
17ms Document
text/html 2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a3a26d8869102635075764811f99ffa5366192a6f8d0111f8102f729b5ba110b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 46|4|3|88|41|105|57|191
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1502
Expires: Sat, 15 Jan 2022 02:38:23 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
Connection: keep-alive

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame C227 0
0 57ms
12ms Document
text/plain 213.19.147.44
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

server: Tengine
date: Sat, 15 Jan 2022 02:38:23 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 279A 14 KB
5 KB 32ms
8ms Document
text/html 2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=141029
expires: Sun, 16 Jan 2022 17:48:52 GMT
date: Sat, 15 Jan 2022 02:38:23 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 3CA9 3 KB
2 KB 9ms
9ms Document
text/html 51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

8c8a8f0d3ce2c484cddfbf511315004ba64441c94c570a34c08c4a10f0c28cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1316
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame AF09 43 B
555 B 67ms
14ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Sat, 15 Jan 2022 02:38:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame FE01 0
0 26ms
9ms Image
text/html 37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FE01
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7325801860547639174

43 B
1 KB

13ms
12ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7325801860547639174
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 15 Jan 2022 02:38:23 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7325801860547639174
pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FE01
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2e0161e2-339f-4200-959a-be623bef92d0&gdpr=1&gdpr_consent=

43 B
1 KB

14ms
14ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2e0161e2-339f-4200-959a-be623bef92d0&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 15 Jan 2022 02:38:23 GMT

Redirect headers

Date: Sat, 15 Jan 2022 02:38:23 GMT
Server: MT3 4133 baa842e master zrh-pixel-x15 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=2e0161e2-339f-4200-959a-be623bef92d0&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 15 Jan 2022 02:38:22 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame FE01
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YeIznwAFlYt2TwBK
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YeIznwAFlYt2TwBK&gdpr=1&_test=YeIznwAFlYt2TwBK

43 B
1 KB

22ms
21ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YeIznwAFlYt2TwBK&gdpr=1&_test=YeIznwAFlYt2TwBK
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 15 Jan 2022 02:38:23 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1642214304.881882,VS0,VE0
x-served-by: cache-hhn4039-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YeIznwAFlYt2TwBK&gdpr=1&_test=YeIznwAFlYt2TwBK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame FE01 43 B
408 B 99ms
26ms Image
image/gif 72.251.245.181
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.181 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-8
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FE01
Redirect Chain

https://d.adroll.com/cm/index/ssp?gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0

43 B
1 KB

13ms
13ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 15 Jan 2022 02:38:23 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date: Sat, 15 Jan 2022 02:38:23 GMT
server: nginx/1.20.0
content-length: 76

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame FE01
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433822365527344

43 B
1 KB

17ms
16ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433822365527344
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 15 Jan 2022 02:38:23 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433822365527344
Date: Sat, 15 Jan 2022 02:38:23 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame FE01 43 B
261 B 560ms
175ms Image
image/gif 54.71.47.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.47.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-47-92.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:24 GMT
last-modified: Sat, 15 Jan 2022 02:38:24 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Sat, 15 Jan 2022 02:38:25 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame FE01 43 B
95 B 136ms
132ms Image
image/gif 2606:4700:10::6816:2460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YeIzn_0FNBixR98UV2WfgQAABIsAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6cdbba467aa74339-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2

200

6f3f61e2-339f-4c00-bb90-ed58996fd3d3
onetag-sys.com/sync/i,1/ Frame 3CA9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=75&redir=%2F%2Fonetag-sys.com%2Fsync%2Fi%2C1%2F%5BMM_UUID%5D
https://onetag-sys.com/sync/i,1/6f3f61e2-339f-4c00-bb90-ed58996fd3d3

0
290 B

8ms
7ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,1/6f3f61e2-339f-4c00-bb90-ed58996fd3d3

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date: Sat, 15 Jan 2022 02:38:23 GMT
Server: MT3 4133 baa842e master zrh-pixel-x8 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://onetag-sys.com/sync/i,1/6f3f61e2-339f-4c00-bb90-ed58996fd3d3
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 15 Jan 2022 02:38:22 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 3CA9 0
239 B 52ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

GET
H2

200

5271659981496431387
onetag-sys.com/sync/i,34/ Frame 3CA9
Redirect Chain

https://dmp.adform.net/serving/cookie/match?party=1167&cid=sB8cepWYaDTse_T8MLJRxCxnD-TTDaY4P73Dn8PrkBs
https://dmp.adform.net/serving/cookie/match?CC=1&party=1167&cid=sB8cepWYaDTse_T8MLJRxCxnD-TTDaY4P73Dn8PrkBs
https://onetag-sys.com/sync/i,34/5271659981496431387

0
290 B

10ms
8ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,34/5271659981496431387

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
server: nginx
location: https://onetag-sys.com/sync/i,34/5271659981496431387
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

/
onetag-sys.com/match/ Frame 3CA9
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7589303835506956694

0
291 B

9ms
7ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7589303835506956694

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: dd79aa82-23c4-49e4-b8e8-d0d513293045
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7589303835506956694
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 3CA9 0
239 B 35ms
8ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=sB8cepWYaDTse_T8MLJRxCxnD-TTDaY4P73Dn8PrkBs
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

GET
H2

204

sync
pixel.advertising.com/ups/58198/ Frame 3CA9
Redirect Chain

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

0
124 B

9ms
8ms

Image
text/plain

35.156.69.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Server

35.156.69.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-69-231.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/58198/sync?&gdpr=1&gdpr_consent=&redir=true&verify=true
date: Sat, 15 Jan 2022 02:38:23 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK sync
ssbsync-global.smartadserver.com/api/ Frame 3CA9 0
75 B 73ms
17ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
content-length: 0

GET
H2 400 711916.gif
id.rlcdn.com/ Frame 3CA9 0
0 53ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2

200

/
onetag-sys.com/match/ Frame 3CA9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN7XGlsHgRBg4f22fkKjIPU&google_cver=1

0
291 B

8ms
7ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN7XGlsHgRBg4f22fkKjIPU&google_cver=1

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://onetag-sys.com/match/?int_id=106&google_gid=CAESEN7XGlsHgRBg4f22fkKjIPU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 3CA9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58488/occ
https://ups.analytics.yahoo.com/ups/58488/occ?verify=true
https://onetag-sys.com/match/?int_id=92&uid=y-PBk5_vVE2uFX3gRe97rxAYnoGE.oo6jAXcsXeoo-~A

0
291 B

8ms
7ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=92&uid=y-PBk5_vVE2uFX3gRe97rxAYnoGE.oo6jAXcsXeoo-~A

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location: https://onetag-sys.com/match/?int_id=92&uid=y-PBk5_vVE2uFX3gRe97rxAYnoGE.oo6jAXcsXeoo-~A
date: Sat, 15 Jan 2022 02:38:23 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

/
onetag-sys.com/sync/i,29/ Frame 3CA9
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
https://onetag-sys.com/sync/i,29/?tdid=e19ead9c-51c9-40a0-8326-916eac8ad682&ttl=1644806303

43 B
370 B

8ms
8ms

Image
image/gif

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,29/?tdid=e19ead9c-51c9-40a0-8326-916eac8ad682&ttl=1644806303

Requested by

Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
cache-control: no-cache, no-transform
content-length: 64
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://onetag-sys.com/sync/i,29/?tdid=e19ead9c-51c9-40a0-8326-916eac8ad682&ttl=1644806303
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 211

GET
H/1.1

200
OK

sync
x.bidswitch.net/ Frame 3CA9
Redirect Chain

https://x.bidswitch.net/sync?ssp=onetag
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=1&user_id=CBMmhw0RetMTQCKHXBNu1AZGddMTE3SHDheSGUSo

43 B
220 B

8ms
7ms

Image
image/gif

18.157.225.191
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=1&user_id=CBMmhw0RetMTQCKHXBNu1AZGddMTE3SHDheSGUSo
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: HTTP/1.1
Server: 18.157.225.191 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-225-191.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sat, 15 Jan 2022 02:38:23 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&gdpr=1&user_id=CBMmhw0RetMTQCKHXBNu1AZGddMTE3SHDheSGUSo
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame 3CA9 43 B
95 B 125ms
124ms Image
image/gif 2606:4700:10::6816:2460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=onetag&uid=sB8cepWYaDTse_T8MLJRxCxnD-TTDaY4P73Dn8PrkBs
Requested by: Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://onetag-sys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6cdbba469ac54339-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 279A 2 KB
3 KB 62ms
18ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=28704961&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 208932251f109fa34802b5d824906027c2c3d620f728f3e65a330504cce02cdb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:22 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame A579 35 B
467 B 20ms
19ms Document
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=623B2424-441C-4783-8A06-14AC0A1B9166

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 15 Jan 2022 02:38:23 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame D538
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e0161e2-339f-4200-959a-be623bef92d0&gdpr=0&gdpr_consent=

42 B
338 B

56ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e0161e2-339f-4200-959a-be623bef92d0&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 15 Jan 2022 02:38:22 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug008:0:491
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Date: Sat, 15 Jan 2022 02:38:23 GMT
Content-Type: image/gif
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=360
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master zrh-pixel-x5 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:2e0161e2-339f-4200-959a-be623bef92d0&gdpr=0&gdpr_consent=
Expires: Sat, 15 Jan 2022 02:38:22 GMT

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 1B74
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3661663114190975033

42 B
210 B

14ms
14ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3661663114190975033
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Sat, 15 Jan 2022 02:38:22 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug020:0:441
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3661663114190975033
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 9011 43 B
362 B 57ms
17ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Sat, 15 Jan 2022 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 421590
strict-transport-security: max-age=31536000; preload;

GET
H2 200 setuid Show response
sync.quantumdex.io/ Frame FC12 43 B
95 B 126ms
122ms Document
image/gif 2606:4700:10::6816:2460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=623B2424-441C-4783-8A06-14AC0A1B9166
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
content-type: image/gif
content-length: 43
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6cdbba46fb694339-FRA

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 279A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YjskJEQcR4OKBhSsChuRZg%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

11ms
9ms

Image
text/html

2.21.141.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 2.21.141.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-175.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=141029
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Sun, 16 Jan 2022 17:48:52 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 279A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2e0161e2-339f-4200-959a-be623bef92d0

0
260 B

36ms
13ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2e0161e2-339f-4200-959a-be623bef92d0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:22 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Sat, 15 Jan 2022 02:38:23 GMT
Server: MT3 4133 baa842e master zrh-pixel-x24 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=2e0161e2-339f-4200-959a-be623bef92d0
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 15 Jan 2022 02:38:22 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame 279A
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=623B2424-441C-4783-8A06-14AC0A1B9166
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=9ae2941deb696dda30798f36d57db8b7
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=7cfb4892333300d74395826a559fff72
https://spl.zeotap.com/?zdid=1332&zcluid=3445295ea6a7fc73
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8b784641-973d-4522-77e1-bd0eafa6b659&reqId=6e07a93d-9868-4c16-78a9-54c8d976c2ee&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEAsAqjmDSvIn0VyLwz6eC80&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8b784641-973d-4522-77e1-bd0eafa6b659&reqId=6e07a93d-9868-4c16-78a9-54c...

95 B
164 B

31ms
22ms

Image
image/png

2606:4700:10::6816:1857
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEAsAqjmDSvIn0VyLwz6eC80&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8b784641-973d-4522-77e1-bd0eafa6b659&reqId=6e07a93d-9868-4c16-78a9-54c8d976c2ee&zcluid=3445295ea6a7fc73&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:24 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6cdbba496809434b-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:24 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEAsAqjmDSvIn0VyLwz6eC80&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=8b784641-973d-4522-77e1-bd0eafa6b659&reqId=6e07a93d-9868-4c16-78a9-54c8d976c2ee&zcluid=3445295ea6a7fc73&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 279A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjIzQjI0MjQtNDQxQy00NzgzLThBMDYtMTRBQzBBMUI5MTY2&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
187 B

24ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
cache-control: no-store, no-cache, private
x-lat: amspug012:0:417
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 279A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKR_E2tpa1Fk-k53QwL0kKo&google_cver=1

42 B
280 B

25ms
14ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKR_E2tpa1Fk-k53QwL0kKo&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:22 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:466
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKR_E2tpa1Fk-k53QwL0kKo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 279A 43 B
610 B 48ms
13ms Image
image/gif 159.122.14.34
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

22.0e.7a9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 14 Jan 2022 02:38:23 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 279A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5271659981496431387

42 B
389 B

47ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5271659981496431387
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:22 GMT
cache-control: no-store, no-cache, private
x-lat: amspug013:0:410
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5271659981496431387
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 279A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e19ead9c-51c9-40a0-8326-916eac8ad682

42 B
601 B

39ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e19ead9c-51c9-40a0-8326-916eac8ad682
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 00:04:40 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0026:0:397
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 15 Jan 2022 02:38:23 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e19ead9c-51c9-40a0-8326-916eac8ad682
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 279A
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7589303835506956694&gdpr=0&gdpr_consent=

42 B
543 B

41ms
13ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7589303835506956694&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:22 GMT
cache-control: no-store, no-cache, private
x-lat: amspug009:0:426
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:23 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 1b1aff4f-3bb4-41c8-a6f3-74640934cdbf
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7589303835506956694&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 279A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=623B2424-441C-4783-8A06-14AC0A1B9166&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NUSHh51E2uVP7N80gy_l8RVhNhYIFwU-~A&gdpr=0&gdpr_consent=

0
128 B

49ms
14ms

Image
text/plain

198.47.127.20
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NUSHh51E2uVP7N80gy_l8RVhNhYIFwU-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Server: 198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 15 Jan 2022 02:38:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-NUSHh51E2uVP7N80gy_l8RVhNhYIFwU-~A&gdpr=0&gdpr_consent=
date: Sat, 15 Jan 2022 02:38:23 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7C9A 0
733 B 7ms
7ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Jan 2022 02:38:24 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: fd31a2a3-74be-4817-8cde-c78220f1ae17
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

93 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 02:19:50	Name: sync Value: CgoIgQIQ587m3OUvCgoI4gEQ587m3OUvCgoI5gEQ587m3OUvCgoIhwIQ587m3OUvCgkICRDnzubc5S8KCQg6EOfO5tzlLwoJCAsQ587m3OUvCgoIjAIQ587m3OUvCgoIngIQ587m3OUvCgkIXxDnzubc5S8=
.mrtnsvr.com/sync	1970-01-20 08:57:16	Name: userId Value: Vm56ls2fp
.emojipedia.org/	1970-01-20 17:41:26	Name: _ga Value: GA1.2.264645518.1642214300
.emojipedia.org/	1970-01-20 00:11:40	Name: _gid Value: GA1.2.370556625.1642214300
.emojipedia.org/	1970-01-20 00:10:14	Name: _gat Value: 1
.emojipedia.org/	1970-01-20 08:55:50	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sat+Jan+15+2022+02%3A38%3A20+GMT%2B0000+(GMT)&version=6.23.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Femojipedia.org%2Fbackhand-index-pointing-right%2F&groups=C0005%3A0%2CC0004%3A0%2CC0003%3A0%2CC0002%3A0%2CC0001%3A1
.quantumdex.io/	1970-01-20 00:24:38	Name: uid Value: d6acfe42-17bb-438d-a651-12cb67364b3c
emojipedia.org/	1970-01-20 02:19:50	Name: waldo_country Value: DE
emojipedia.org/	1970-01-20 02:19:50	Name: waldo_continent Value: EU
emojipedia.org/	1970-01-20 02:19:50	Name: waldo_region Value: 05
prebid.a-mo.net/	1970-01-20 08:55:50	Name: __amc Value: 1_1642214300_1642214300
.technoratimedia.com/	1970-01-21 19:58:14	Name: tads_uid Value: GDPR
.emojipedia.org/	1970-01-20 09:31:50	Name: __gads Value: ID=2d0b802f5a16bfe5-22cd22f41fcd00b1:T=1642214300:S=ALNI_MbFB604YCVlb2VbC73lHqx6A7FpHA
.3lift.com/	1970-01-20 02:19:50	Name: tluid Value: 17363864111061470007
.bidswitch.net/	1970-01-20 08:55:50	Name: tuuid Value: 7e5ae45b-521b-4db0-9d5a-73990f78c2d8
.bidswitch.net/	1970-01-20 08:55:50	Name: c Value: 1642214303
.bidswitch.net/	1970-01-20 08:55:50	Name: tuuid_lu Value: 1642214303
.adnxs.com/	1970-01-20 02:19:50	Name: uuid2 Value: 7589303835506956694
.casalemedia.com/	1970-01-20 08:55:50	Name: CMID Value: YeIzn-0FNBixR98UV2WfgQAA
.casalemedia.com/	1970-01-20 02:19:50	Name: CMPS Value: 3239
.casalemedia.com/	1970-01-20 02:19:50	Name: CMPRO Value: 1163
.bing.com/	1970-01-20 09:31:50	Name: MUID Value: 0256DA5D6C50631E3547CB706DFC621E
.lijit.com/	1970-01-20 08:55:50	Name: ljt_reader Value: 4e9d420dc3111273db574360
.sharethrough.com/	1970-01-20 08:55:50	Name: stx_user_id Value: 1d938a97-8d3d-4f45-ae7e-8d46a677a3b8
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:42:08	Name: bcookie Value: "v=2&55b9c479-73bc-455b-85fd-ce90f98a11b4"
.linkedin.com/	1970-01-20 17:38:42	Name: li_gc Value: MTswOzE2NDIyMTQzMDM7MjswMjEVHeK7XJHQG2w6nsU13S2uXyeK/ACj5Sy1koGGxgYRiA==
.linkedin.com/	1970-01-20 00:11:40	Name: lidc Value: "b=VGST08:s=V:r=V:a=V:p=V:g=2207:u=1:x=1:i=1642214303:t=1642300703:v=2:sig=AQFAOoRb0LpgWyiIe1iW9LiQonV1cIM9"
.ads.pubmatic.com/	1970-01-20 00:11:40	Name: KCCH Value: YES
.quantserve.com/	1970-01-20 02:19:50	Name: d Value: EFcBDQGaJf7KwQA
.quantserve.com/	1970-01-20 09:40:28	Name: mc Value: 61e2339f-ba2b1-a8d6f-17205
.doubleclick.net/	1970-01-20 09:31:50	Name: IDE Value: AHWqTUkgthliNsZBz_Hu-iNVfeRgkvjekbQaE-qUUHmNqXjvgfo1yjtVRwUTrGhFNZU
.adsrvr.org/	1970-01-20 08:55:50	Name: TDID Value: e19ead9c-51c9-40a0-8326-916eac8ad682
.yahoo.com/	1970-01-20 08:56:11	Name: A3 Value: d=AQABBJ8z4mECEGViUIY8MuLNIpFKv-ePOnEFEgEBAQGF42HsYQAAAAAA_eMAAA&S=AQAAAsbd9SdebMQWuR1ZBDRPePo
.id5-sync.com/	1970-01-20 00:10:14	Name: cf Value:
.id5-sync.com/	1970-01-20 00:10:14	Name: cip Value:
.id5-sync.com/	1970-01-20 00:10:14	Name: cnac Value:
.id5-sync.com/	1970-01-20 00:10:14	Name: car Value:
.id5-sync.com/	1970-01-20 00:10:14	Name: gdpr Value:
.id5-sync.com/	1970-01-20 00:10:14	Name: callback Value:
.turn.com/	1970-01-20 04:29:26	Name: uid Value: 7325801860547639174
.adform.net/	1970-01-20 00:54:52	Name: C Value: 1
.advertising.com/	1970-01-20 08:57:16	Name: APID Value: UP35bd0f4a-75ac-11ec-8cb4-029c5bbfc4f2
.mathtag.com/	1970-01-20 09:36:09	Name: uuid Value: 2e0161e2-339f-4200-959a-be623bef92d0
.pubmatic.com/	1970-01-20 02:19:50	Name: KADUSERCOOKIE Value: 623B2424-441C-4783-8A06-14AC0A1B9166
.pubmatic.com/	1970-01-20 02:19:50	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 00:11:40	Name: pi Value: 0:2
.pubmatic.com/	1970-01-20 02:19:50	Name: DPSync3 Value: 1643414400%3A201_197_219%7C1642291200%3A174
.pubmatic.com/	1970-01-20 02:19:50	Name: SyncRTB3 Value: 1643414400%3A3_220_21_13_7_161_56_54%7C1643500800%3A35%7C1642809600%3A223
.yahoo.com/	1970-01-20 00:34:33	Name: APID Value: UP35bd0f4a-75ac-11ec-8cb4-029c5bbfc4f2
.yahoo.com/	1970-01-20 00:11:40	Name: APIDTS Value: 1642214303
.onetag-sys.com/	1970-01-20 17:41:26	Name: OTP Value: CHAh5yGcBWlEIvB-au-o739EZQy55CqSmhi3ZO8kdMM
.analytics.yahoo.com/	1970-01-20 08:57:16	Name: IDSYNC Value: "192w~22o2:192x~22o2:18z8~22o2"
.betweendigital.com/	1970-01-20 08:55:50	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 08:55:50	Name: tuuid Value: 58e52350-9bef-510f-96a4-e080f746d31f
.betweendigital.com/	1970-01-20 08:55:50	Name: ss Value: 1
.adform.net/	1970-01-20 01:36:38	Name: uid Value: 5271659981496431387
.adsrvr.org/	1970-01-20 08:55:50	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwjum6KkxParOhAFGAEgASgCMgsI7pOl0dr2qzoQBTgBWghwdWJtYXRpY2AC
.rfihub.com/	1970-01-20 09:31:50	Name: eud Value: H4sIAAAAAAAAAPvFyGtoZmJkZGhibGBsYWYIAKlMu2YQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMjI2MzU1Mjc2MRHiM9TVjTT0jix0jy8Nyw4CANwHFJ8lAAAA
.rfihub.com/	1970-01-20 09:31:50	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MDcxNrYwMjI2MzU1Mjc2MRHiM9TVjTT0jix0jy8Nyw6S4jU0MzEyMjQxNjC2MDMEAOcfvjo0AAAA
.everesttech.net/	1970-01-20 08:55:50	Name: everest_g_v2 Value: g_surferid~YeIznwAFlYt2TwBK
.simpli.fi/	1970-01-20 08:57:16	Name: suid Value: 9404312BE45D48B69F0297D82938E1CB
.pubmatic.com/	1970-01-20 02:19:50	Name: KRTBCOOKIE_57 Value: 22776-7589303835506956694&KRTB&23339-7589303835506956694
.pubmatic.com/	1970-01-20 02:19:50	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-20 02:19:50	Name: KRTBCOOKIE_80 Value: 22987-CAESEKR_E2tpa1Fk-k53QwL0kKo&KRTB&16514-CAESEKR_E2tpa1Fk-k53QwL0kKo&KRTB&23025-CAESEKR_E2tpa1Fk-k53QwL0kKo
.onaudience.com/	1970-01-20 08:55:50	Name: cookie Value: 3445295ea6a7fc73
.onaudience.com/	1970-01-20 00:11:40	Name: done_redirects161 Value: 1
.pubmatic.com/	1970-01-20 00:53:26	Name: SPugT Value: 1642214303
.pubmatic.com/	1970-01-20 02:19:50	Name: KRTBCOOKIE_377 Value: 6810-e19ead9c-51c9-40a0-8326-916eac8ad682&KRTB&22918-e19ead9c-51c9-40a0-8326-916eac8ad682&KRTB&23031-e19ead9c-51c9-40a0-8326-916eac8ad682
.pubmatic.com/	1970-01-20 00:53:26	Name: KRTBCOOKIE_391 Value: 22924-5271659981496431387&KRTB&23263-5271659981496431387
.pubmatic.com/	1970-01-20 00:53:26	Name: PugT Value: 1642214302
.pubmatic.com/	1970-01-20 02:19:50	Name: KRTBCOOKIE_27 Value: 16735-uid:2e0161e2-339f-4200-959a-be623bef92d0&KRTB&16736-uid:2e0161e2-339f-4200-959a-be623bef92d0&KRTB&23019-uid:2e0161e2-339f-4200-959a-be623bef92d0&KRTB&23208-uid:2e0161e2-339f-4200-959a-be623bef92d0
.betweendigital.com/	1970-01-20 08:55:50	Name: ut Value: YeIznwANcWgOn35DPWzKzy1McRp59zLo7jesVQ==
.de17a.com/	1970-01-20 08:48:38	Name: guid2 Value: 1.3661663114190975033
.exelator.com/	1970-01-20 03:03:02	Name: EE Value: "9ae2941deb696dda30798f36d57db8b7"
.exelator.com/	1970-01-20 03:03:02	Name: ud Value: "eJxrXxzq6XKLQcEyMdXI0sQwJTXJzNIsJSXR2MDc0iLN2CzF1DwlySLJfHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ8SX5RZvoiF9fFRSlpDItKik8F79c9CwCWiCpu"
.pubmatic.com/	1970-01-20 00:53:26	Name: KRTBCOOKIE_336 Value: 5844-3661663114190975033
.onaudience.com/	1970-01-20 00:11:40	Name: done_redirects104 Value: 1
.sportradarserving.com/	1970-01-20 08:55:50	Name: zuuid Value: cad80f15-8c8e-4849-a6a9-874ed4851e1f
.sportradarserving.com/	1970-01-20 08:55:50	Name: c Value: 1642214304
.sportradarserving.com/	1970-01-20 08:55:50	Name: zuuid_lu Value: 1642214304
.sportradarserving.com/	1970-01-20 08:55:50	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-20 08:55:50	Name: zuuid_k_lu Value: 1642214304
.crwdcntrl.net/	1970-01-20 06:39:00	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 06:39:00	Name: _cc_id Value: 7cfb4892333300d74395826a559fff72
.crwdcntrl.net/	1970-01-20 06:39:02	Name: _cc_cc Value: "ACZ4XmNQME9OSzKxsDQyBgIDgxRzE2NLUwsjs0RTU8u0tDRzIwYgSHxkvABEQwEAQK4KSw%3D%3D"
.crwdcntrl.net/	1970-01-20 06:39:02	Name: _cc_aud Value: "ABR4XmNgYGBIfGS8AEhBAQAaHgIX"
.casalemedia.com/	1970-01-20 00:11:40	Name: CMST Value: YeIzn2HiM6AA
.casalemedia.com/	1970-01-20 08:55:50	Name: CMRUM3 Value: f161e2339f05a0&da61e2339f2760&2d61e2339f2760CAESEFv6-34EY1ijsQ39Q9aoJM8&5161e2339f05a0&9861e233a027600dd94066-9d92-43ca-b3d5-41c7855ca3d6&e661e2339f2760&6961e2339f05a00&3961e2339f27605107433822365527344&0361e2339f27602e0161e2-339f-4200-959a-be623bef92d0&2761e2339f0b40&4961e2339f05a0
.onaudience.com/	1970-01-20 00:11:40	Name: done_redirects219 Value: 1
.zeotap.com/	1970-01-20 08:55:50	Name: zc Value: 8b784641-973d-4522-77e1-bd0eafa6b659
.zeotap.com/	1970-01-20 00:11:40	Name: zsc Value: %18f%BB%CA%F8%8Bb%5C%A2ZM%DA+%B4d%3F%A0%CEe%2B%C6%99%8D%FB%C8%237X0%BA%E0%C6%D6%BE%D0%99%D0Q%5E%7C%C8R%7D%1CO%96%EF%F4%B4%9D%EF%0F%EE%8F2%CA%C5%ED%B6%02%1A%E1T%B6%26%B8t%8Adb%17%B4%1B_%F0%C36%C1%C4%C8%D1%85Q

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://eb2.3lift.com/xuidmid=7976&xuid=Vm56ls2fp&dongle=u6nf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/711916.gif?ct=4&cv= Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

23607e767bfd81b0afb8975378da577f.safeframe.googlesyndication.com
a.sportradarserving.com
a.teads.tv
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.mrtnsvr.com
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
ap.lijit.com
b1sync.zemanta.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
cdn.cookielaw.org
cdn.thisiswaldo.com
cm.adgrx.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
d.adroll.com
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
emojipedia-us.s3.amazonaws.com
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com
emojipedia.org
exchange.postrelease.com
geolocation.onetrust.com
grid.bidswitch.net
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipfind.co
js-sec.indexww.com
loada.exelator.com
match.adsrvr.org
match.sharethrough.com
mp.4dex.io
mwzeom.zeotap.com
newor.technoratimedia.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.ad.smaato.net
px.ads.linkedin.com
rtb.adpone.com
s.ad.smaato.net
s.amazon-adsystem.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
spl.zeotap.com
ssbsync-global.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssl.gstatic.com
ssp.disqus.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
the-eighth-d.openx.net
thisiswaldo.com
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
www.google-analytics.com
www.google.com
x.bidswitch.net
141.94.170.64
142.250.184.194
142.250.186.98
143.204.95.188
147.75.38.124
150.136.156.92
151.101.129.108
151.101.129.194
151.101.130.49
152.199.22.191
159.122.14.34
178.162.133.149
178.250.0.163
18.157.225.191
18.185.153.156
18.185.195.153
18.198.69.109
185.29.132.241
185.64.189.110
185.64.190.78
185.86.139.93
188.42.29.196
193.0.160.129
198.47.127.20
2.21.111.28
2.21.141.175
2.21.141.232
2.21.142.98
2001:678:cb4:bbbb::11
213.155.156.166
213.19.147.44
2600:1fa0:c0c0:2d0:34db:7141::
2600:9000:2057:5400:1b:5138:8a40:93a1
2600:9000:2315:3200:f:458e:2a80:93a1
2606:4700:10::6814:b844
2606:4700:10::6816:1857
2606:4700:10::6816:2460
2606:4700:10::ac43:1ab6
2606:4700:20::681a:8a9
2606:4700:20::ac43:49e4
2606:4700::6810:9440
2606:4700::6812:272
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:803::200e
2a00:1450:4001:809::2001
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c0b::9a
2a05:d018:d29:3602:74fc:7750:9e36:ae36
3.125.147.153
3.125.179.199
3.126.56.137
3.65.17.160
34.102.163.6
34.149.20.76
34.197.208.127
34.243.100.214
34.247.200.0
34.255.245.33
35.156.69.231
35.244.159.8
35.244.174.68
35.71.131.137
37.157.5.142
37.252.172.38
37.252.173.215
51.89.9.253
52.15.219.226
52.20.222.10
52.219.120.234
52.30.14.23
52.46.130.91
52.86.150.190
54.177.14.228
54.36.109.48
54.71.47.92
64.202.112.159
67.202.105.24
69.173.144.139
69.173.144.165
72.251.245.181
72.251.249.9
76.223.111.18
99.81.30.72
008223536acf499a9b01dc9d1c42ecfb19a87738fc30c7c5cb64c1595073624b
01d283d712541efae1f85d9f3580ac662636c94b7aa8f9a69aac1b34b657d85c
0275a238773358a8b942e94bc90a30adcf06b88d72b6f460b6048302b974544c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
095348f52f145f7771f768f006e3a1a5e89ca3b98e30c7f8c91f5df141063641
0a15a6c44ba88f460140342742241389ecce4f4992e22b24652393316530d53d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbe56eec0f15f59faf362b660e4c89f75353eff99e6bddaddbb0fd1d7f3154b
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
1752034e1626adeddcc057533ad544b70986d0e6a4026800c2750295f03e8c6b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ff5ecd6eb82e840a12ea09d574655d61c586d86dbb260219f8e04b74ba48316
208932251f109fa34802b5d824906027c2c3d620f728f3e65a330504cce02cdb
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
22fefcdc1585b1fa076041752fe78cbe64544459605751b61c8d1e55e6c977a5
28efc433661d51d4f973df1b91924979406272f84e3b0581622e92554ebdcaec
2d2b2182b5b1283578ceb38e4f6e0dd9a78874516e59b76c4c6ff655d977e9d4
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
325e93a022541e83ec793d8284aec494e1c23f0f766c20ee4f33966a202a0e40
34b976149f659c4486abf82731fd5ccabd5259579c4c922e599d90981f1a9905
37ffaf519d628423e1ea7147364a8d2af10c3b63f3ec5a9b598f989aeaafd74c
39d71539adec07624282a7e04cbfb8c8d7cb0e84aebfd62d18c5ec9e8084bcbb
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dc95b708c4b4665673a0c143d46cdcf9a0f4d1fc8cf0c0536ac817fde844bb9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
456d9df6b2a652d0f54f0287bb107b94d4c276b15edb9b97daca5b26c2fd9efc
47c9fb3880fe502e58e3bc54c9f449be5c4a578bcffe20771b8f1c410c17791b
486b06b2af04551671c2f02b8da9c31ccef25e26e4836e398961d6bbd56e141f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
4da6d55165d7ba29aa657a65e7d1ba4833610c35da9866b6d363e1821e238561
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52246f76d5fa8784fe164add3df0d6ef7558b9395517dd0856eb2f646a64dbdd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
590ebdb6f469a4d25cf8bbf82eaa3f37d7b458e70598655f9c1ca6e2552d0ea5
59415c8f1106151e421f5a3e46e8f8aca679ea9cefba5eb1d386ca0381d48c18
5bd64fe7611c46b87ed049df5236eb8bfe901d4669e3bbbe7c60ead9d5a51885
60372e557941b673aee67fdf47ea1cc3d8ec1c9cd9f96173a97c9aeed5d00ebb
60756645bbed6ad3cc3e8be0a057dff15132f22b5b60cbe14e48250980043653
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68014a1c1623e2b1551ad8f1e9f0e16d18f0ed699cb9e88ee84e09ce01e462ed
688b0ad18d64e05d6b09b3f9bac1166c22fc394141a0ab8352de8a9893b533df
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76113ac94f00eb22208a1a3f652571398c38f43339e11f765965ae50b8cf4614
78b301fc217607b2126f9effa6726e425fd47d76c4ee056c363d5ab25ebe8e6d
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
801695c140c57d7157ad394766e8692061624714d9c061e6c9144d6e252552f5
80d0af3cae7dafc5bea45c8260c6dc27fbe610333f2f962075f71812346b4fd5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836ab705526221b8f0c5006c7e16a6cd4a26eb9e1c1533e73520e82fad6b2c43
83a63cc281d1e788f5dd873dff6ac40d3d2f4c32b1391fcf77d26114b0fcb4d6
85cb3cefbb32ab3462b1400e1b8128352a6b1e0a6984b3c3ed3b4dd1c0f8e229
8c8a8f0d3ce2c484cddfbf511315004ba64441c94c570a34c08c4a10f0c28cf3
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9122995aaf7eb6fdd2cf382f313b2694f256507521cb457ec1db4adda29e5dba
923f4bd70d475e87427975096029849b94ba515f491b4370735e158f2aa00420
92f48ea688242a2323f6a25d777bc9aaba7280330287af2186eaf8dde3c35e98
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d5c34e467b28678e5991174197c0ed1391df1e2d9ba260b4492849c6bcad05
a3a26d8869102635075764811f99ffa5366192a6f8d0111f8102f729b5ba110b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa66c613125eacfbe148ed0adff3980002acda629ce8ef81336b1903a00573f8
abc65847aabd88ea47651d16819923cf0ebc405bc0ff9b62e707c0668e93f9c6
ae3b508b6a71f08dac15104d30c0564d550724526a946c3d16a2ea9445bea3fc
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e1bfc711f45cd7ddc6257755de3ae44807f7f6ec28066c89f748a0437a3e43
b36d9c05cefabd67a960dc2aabbacaf9368e46a78f07b810eac7b35f2cab1e00
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2a3abffc3c42f8139ef2c77db3fbfb7f8d01c555a4872aade39cd14ed7ea7f
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bf158fc69da0910b69e5a37ba6ba48a5ca21dbdd93eb66181dd32451ee519e0b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4257c93a6261660aceb5720da447af3c9fce0a1fa599169fb6e757c65d926cd
c59ecf34c8e169eb2c385296530f952be5ced6af24abbe7f2d47b89e520be544
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4a0c36e37f0e9212ff2c01309ce47217bacb92f4ee38f5ecc3b0f55be9564dc
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dea863a7368bc52fde75678ea13b04eb95f84dd7e0592381a1b8649909ed6cb4
e03239557e46aeafe7874eb1be37a3a99be9bcea593843aef24937d78721c432
e1aa169c4bdd8d91750446247c8d723d07fa10e9a2acb08d75450338ad2a81fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f10a3c3401224c7ed410dbf0e92c385aee3f360525461c29ffcb8ce7fffdcc
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb04b94656de1350a1fe252e640d692b44f9501188d48c01884d6962bea38913
eb46e2bf6f3a85b6f6adb3f66299403bb2e9adc528dd01fccc1f2bdcc05d78d1
ed53066ca654aef9763219cc030f9f84d8573ff87ad6c8ce6a954643a9d0856a
ee277d642f8d75f231f7102fdf57b67141b892cf99d12aacfa54a9d465a69428
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39691f3994c6515400636d499f8a3909ea33ffb7875fd13b011c1a8521e3737
f4c90a5798e388cf607fe37dce452b5b2baae16caed68e4c00b7f7c95aa249a6
f5e18ad905f8dcd4d03171050ed92b641e7c871d25cf6ebe94167f91df2a707b

emojipedia.org Open in urlscan Pro 2606:4700:10::ac43:1ab6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

184 Requests

77 %HTTPS

28 %IPv6

68 Domains

97 Subdomains

73 IPs

10 Countries

880 kBTransfer

2491 kBSize

93 Cookies

25 Outgoing links

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

emojipedia.org Open in urlscan Pro
2606:4700:10::ac43:1ab6 Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

77 %
HTTPS

28 %
IPv6

68
Domains

97
Subdomains

73
IPs

10
Countries

880 kB
Transfer

2491 kB
Size

93
Cookies

184 HTTP transactions
1 data transactions