emojipedia.org Open in urlscan Pro
2606:4700:10::6816:3999 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://emojipedia.org/snowflake/
Effective URL:
https://emojipedia.org/snowflake/
Submission: On November 30 via manual (November 30th 2021, 5:06:13 am UTC) from US — Scanned from DE

Summary HTTP 265 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 79 IPs in 10 countries across 63 domains to perform 265 HTTP transactions. The main IP is 2606:4700:10::6816:3999, located in United States and belongs to CLOUDFLARENET, US. The main domain is emojipedia.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2021. Valid for: a year.

This is the only time emojipedia.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	2606:4700:10:... 2606:4700:10::6816:3999	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:ac00:f:458e:2a80:93a1	16509 (AMAZON-02) (AMAZON-02)
17	2600:1fa0:c04... 2600:1fa0:c040:301:34db:792a::	16509 (AMAZON-02) (AMAZON-02)
1	52.219.112.35 52.219.112.35	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	151.101.1.194 151.101.1.194	54113 (FASTLY) (FASTLY)
4	13.224.198.4 13.224.198.4	16509 (AMAZON-02) (AMAZON-02)
1	54.153.127.51 54.153.127.51	16509 (AMAZON-02) (AMAZON-02)
2	193.122.174.27 193.122.174.27	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
4 10	185.33.221.87 185.33.221.87	29990 (ASN-APPNEX) (ASN-APPNEX)
5	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
1	184.31.84.150 184.31.84.150	16625 (AKAMAI-AS) (AKAMAI-AS)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	54.145.87.156 54.145.87.156	14618 (AMAZON-AES) (AMAZON-AES)
5	52.212.155.9 52.212.155.9	16509 (AMAZON-02) (AMAZON-02)
1	54.77.232.22 54.77.232.22	16509 (AMAZON-02) (AMAZON-02)
1	52.29.166.103 52.29.166.103	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.59.85.35 52.59.85.35	16509 (AMAZON-02) (AMAZON-02)
4	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
2 4	216.52.2.39 216.52.2.39	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
5	52.28.9.10 52.28.9.10	16509 (AMAZON-02) (AMAZON-02)
1 13	2606:4700:10:... 2606:4700:10::ac43:2ac6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.15.219.226 52.15.219.226	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
6	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	185.170.61.74 185.170.61.74	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3	18.159.156.184 18.159.156.184	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	213.202.235.9 213.202.235.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
4	37.157.6.235 37.157.6.235	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
10 13	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4 17	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1	138.201.63.157 138.201.63.157	24940 (HETZNER-AS) (HETZNER-AS)
1 5	2a02:26f0:6c0... 2a02:26f0:6c00:2b2::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 4	138.201.63.116 138.201.63.116	24940 (HETZNER-AS) (HETZNER-AS)
3	204.154.111.154 204.154.111.154	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	85.114.131.235 85.114.131.235	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	172.217.16.134 172.217.16.134	15169 (GOOGLE) (GOOGLE)
4	213.254.244.19 213.254.244.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	67.202.105.21 67.202.105.21	32748 (STEADFAST) (STEADFAST)
1	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
1	152.199.22.191 152.199.22.191	15133 (EDGECAST) (EDGECAST)
2 7	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 4	18.195.106.43 18.195.106.43	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2620:119:50e7... 2620:119:50e7:101::9002:e05	14413 (LINKEDIN) (LINKEDIN)
1 3	2a05:d018:d29... 2a05:d018:d29:3602:73b0:42cb:776e:1ea4	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	209.54.180.3 209.54.180.3	16509 (AMAZON-02) (AMAZON-02)
1 1	64.74.236.127 64.74.236.127	19024 (INTERNAP-...) (INTERNAP-BLK5)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	52.21.1.190 52.21.1.190	14618 (AMAZON-AES) (AMAZON-AES)
1	52.212.206.16 52.212.206.16	16509 (AMAZON-02) (AMAZON-02)
1	35.241.40.233 35.241.40.233	15169 (GOOGLE) (GOOGLE)
2	51.178.20.140 51.178.20.140	16276 (OVH) (OVH)
2 2	3.208.105.70 3.208.105.70	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:20e... 2600:9000:20eb:1e00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	146.20.128.198 146.20.128.198	27357 (RACKSPACE) (RACKSPACE)
3 4	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	35.157.240.53 35.157.240.53	16509 (AMAZON-02) (AMAZON-02)
1 2	54.36.109.22 54.36.109.22	16276 (OVH) (OVH)
2	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	18.196.163.95 18.196.163.95	16509 (AMAZON-02) (AMAZON-02)
2 2	23.111.200.118 23.111.200.118	7979 (SERVERS-COM) (SERVERS-COM)
1	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
265	79

8 2606:4700:10::6816:3999 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

emojipedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:ac00:f:458e:2a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:1fa0:c040:301:34db:792a:: (San Jose, United States)

ASN16509 (AMAZON-02, US)

emojipedia-us.s3.dualstack.us-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.112.35 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-w.amazonaws.com

emojipedia-us.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.194 (United States)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.198.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-198-4.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.153.127.51 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-127-51.us-west-1.compute.amazonaws.com

ipfind.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.122.174.27 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

newor.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.33.221.87 (Amsterdam, Netherlands) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

the-eighth-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.145.87.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-87-156.compute-1.amazonaws.com

exchange.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.212.155.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-155-9.eu-west-1.compute.amazonaws.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.232.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-232-22.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.166.103 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-166-103.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.85.35 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-85-35.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.39 (United States) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.28.9.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-9-10.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::ac43:2ac6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ms.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.15.219.226 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-219-226.us-east-2.compute.amazonaws.com

thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.170.61.74 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a3173.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.159.156.184 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-156-184.eu-central-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.9 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.98 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.157 (Hockenheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.116 (Hockenheim, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.116.63.201.138.clients.your-server.de

hal90004.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 204.154.111.154 (United States)

ASN36062 (DOUBLE-VERIFY, US)
PTR: nycp-hlb36.doubleverify.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps625.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.131.235 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21039.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 213.254.244.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20239.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.191 (United States)

ASN15133 (EDGECAST, US)

ad-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.195.106.43 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:119:50e7:101::9002:e05 (San Francisco, United States)

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3602:73b0:42cb:776e:1ea4 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 209.54.180.3 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.74.236.127 (United States) 1 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.1.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-1-190.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.206.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-206-16.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.40.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 233.40.241.35.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.178.20.140 (France)

ASN16276 (OVH, FR)
PTR: ns31193670.ip-51-178-20.eu

gu.dyntrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.208.105.70 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-105-70.compute-1.amazonaws.com

nep.advangelists.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:1e00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.20.128.198 (United States)

ASN27357 (RACKSPACE, US)

cs.lkqd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.0.31 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.240.53 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-240-53.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.36.109.22 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: p09.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.149 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.163.95 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-163-95.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.111.200.118 (Russian Federation) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	455 KB
33	doubleclick.net 10 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	260 KB
18	amazonaws.com emojipedia-us.s3.dualstack.us-west-1.amazonaws.com emojipedia-us.s3.amazonaws.com	618 KB
17	casalemedia.com 4 redirects htlb.casalemedia.com a3173.casalemedia.com dsum-sec.casalemedia.com ssum-sec.casalemedia.com	20 KB
13	quantumdex.io 1 redirects useast.quantumdex.io sync.quantumdex.io ms.quantumdex.io	3 KB
12	doubleverify.com 1 redirects cdn.doubleverify.com rtb0.doubleverify.com tps625.doubleverify.com tps.doubleverify.com tps20239.doubleverify.com	119 KB
11	adnxs.com 4 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	32 KB
10	adform.net track.adform.net s1.adform.net	157 KB
8	3lift.com 2 redirects tlx.3lift.com eb2.3lift.com	8 KB
8	amazon-adsystem.com 2 redirects c.amazon-adsystem.com s.amazon-adsystem.com	42 KB
8	emojipedia.org 1 redirects emojipedia.org	65 KB
7	yahoo.com 4 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	4 KB
7	cookielaw.org cdn.cookielaw.org	122 KB
6	googletagservices.com www.googletagservices.com	167 KB
6	sharethrough.com 1 redirects btlr.sharethrough.com match.sharethrough.com	801 B
6	smaato.net prebid.ad.smaato.net s.ad.smaato.net	2 KB
6	33across.com ssc.33across.com ssc-cms.33across.com	910 B
5	redintelligence.net 1 redirects hal9000.redintelligence.net hal90004.redintelligence.net	10 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	bidswitch.net 2 redirects grid.bidswitch.net x.bidswitch.net	2 KB
4	lijit.com 2 redirects ap.lijit.com	5 KB
4	onetag-sys.com onetag-sys.com	1 KB
4	openx.net the-eighth-d.openx.net us-u.openx.net u.openx.net	662 B
3	clarium.io protected-by.clarium.io	1 KB
3	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	4dex.io script.4dex.io mp.4dex.io	24 KB
3	technoratimedia.com newor.technoratimedia.com ad-cdn.technoratimedia.com	6 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	645 B
2	pubmatic.com ads.pubmatic.com image6.pubmatic.com	5 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	sonobi.com sync.go.sonobi.com	1 KB
2	id5-sync.com 1 redirects id5-sync.com	2 KB
2	advertising.com 2 redirects pixel.advertising.com	674 B
2	advangelists.com 2 redirects nep.advangelists.com	456 B
2	dyntrk.com gu.dyntrk.com	430 B
2	turn.com 2 redirects ad.turn.com	837 B
2	adsrvr.org match.adsrvr.org	529 B
2	indexww.com js-sec.indexww.com	2 KB
2	teads.tv sync.teads.tv	344 B
2	2mdn.net s0.2mdn.net	90 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	gstatic.com 1 redirects ssl.gstatic.com	6 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	73 KB
2	thisiswaldo.com cdn.thisiswaldo.com thisiswaldo.com	111 KB
1	rfihub.com 1 redirects p.rfihub.com	779 B
1	unrulymedia.com usermatch.targeting.unrulymedia.com
1	lkqd.net cs.lkqd.net	309 B
1	brand-display.com dmp.brand-display.com	253 B
1	bidr.io match.prod.bidr.io	430 B
1	adentifi.com rtb.adentifi.com	88 B
1	zemanta.com 1 redirects b1sync.zemanta.com	301 B
1	bing.com c.bing.com	593 B
1	linkedin.com px.ads.linkedin.com	598 B
1	quantserve.com 1 redirects pixel.quantserve.com	518 B
1	contentspread.net cdn.contentspread.net	52 KB
1	googleapis.com ajax.googleapis.com	32 KB
1	exactag.com m.exactag.com	1 KB
1	jsdelivr.net cdn.jsdelivr.net	9 KB
1	yieldmo.com ads.yieldmo.com	224 B
1	postrelease.com exchange.postrelease.com	392 B
1	a-mo.net prebid.a-mo.net	378 B
1	ipfind.co ipfind.co	465 B
1	onetrust.com geolocation.onetrust.com	388 B
265	63

	Domain	Requested by
23	pagead2.googlesyndication.com	1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com emojipedia.org googleads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net securepubads.g.doubleclick.net www.googletagservices.com
21	tpc.googlesyndication.com	emojipedia.org 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com googleads.g.doubleclick.net cdn.ampproject.org tpc.googlesyndication.com securepubads.g.doubleclick.net
17	emojipedia-us.s3.dualstack.us-west-1.amazonaws.com	emojipedia.org
13	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net eb2.3lift.com
12	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
11	sync.quantumdex.io	cdn.thisiswaldo.com sync.quantumdex.io ssum-sec.casalemedia.com
9	ib.adnxs.com	4 redirects cdn.thisiswaldo.com googleads.g.doubleclick.net acdn.adnxs.com
8	emojipedia.org	1 redirects emojipedia.org
7	eb2.3lift.com	2 redirects cdn.thisiswaldo.com eb2.3lift.com
7	googleads.g.doubleclick.net	1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com emojipedia.org
7	securepubads.g.doubleclick.net	cdn.thisiswaldo.com securepubads.g.doubleclick.net emojipedia.org www.googletagservices.com
7	cdn.cookielaw.org	emojipedia.org cdn.cookielaw.org
6	track.adform.net	emojipedia.org 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com s1.adform.net
6	www.googletagservices.com	emojipedia.org 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
5	cdn.doubleverify.com	1 redirects s1.adform.net cdn.doubleverify.com ad.doubleclick.net emojipedia.org
5	cdn.ampproject.org	confiant-integrations.global.ssl.fastly.net
5	btlr.sharethrough.com	cdn.thisiswaldo.com
5	prebid.ad.smaato.net	cdn.thisiswaldo.com
5	ssc.33across.com	cdn.thisiswaldo.com
4	ups.analytics.yahoo.com	3 redirects ssum-sec.casalemedia.com
4	s.amazon-adsystem.com	2 redirects eb2.3lift.com ssum-sec.casalemedia.com
4	x.bidswitch.net	2 redirects eb2.3lift.com
4	hal90004.redintelligence.net	1 redirects 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com emojipedia.org hal90004.redintelligence.net
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net ad.doubleclick.net
4	s1.adform.net	emojipedia.org track.adform.net
4	1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
4	ap.lijit.com	2 redirects cdn.thisiswaldo.com
4	onetag-sys.com	cdn.thisiswaldo.com sync.quantumdex.io
4	c.amazon-adsystem.com	emojipedia.org c.amazon-adsystem.com
3	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com sync.quantumdex.io
3	pr-bh.ybp.yahoo.com	1 redirects ssum-sec.casalemedia.com
3	tps20239.doubleverify.com	1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com cdn.doubleverify.com
3	protected-by.clarium.io	emojipedia.org 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
2	sync-tm.everesttech.net	2 redirects
2	ads.betweendigital.com	2 redirects
2	sync.go.sonobi.com	sync.quantumdex.io
2	id5-sync.com	1 redirects sync.quantumdex.io
2	pixel.advertising.com	2 redirects
2	nep.advangelists.com	2 redirects
2	gu.dyntrk.com	ssum-sec.casalemedia.com
2	ad.turn.com	2 redirects
2	match.adsrvr.org	eb2.3lift.com ssum-sec.casalemedia.com
2	js-sec.indexww.com	cdn.thisiswaldo.com ssum-sec.casalemedia.com
2	tps625.doubleverify.com	cdn.doubleverify.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	s0.2mdn.net	1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
2	script.4dex.io	cdn.thisiswaldo.com script.4dex.io
2	www.google-analytics.com	emojipedia.org www.google-analytics.com
2	ssl.gstatic.com	1 redirects emojipedia.org
2	newor.technoratimedia.com	cdn.thisiswaldo.com
2	confiant-integrations.global.ssl.fastly.net	cdn.thisiswaldo.com confiant-integrations.global.ssl.fastly.net
1	image6.pubmatic.com	ads.pubmatic.com
1	p.rfihub.com	1 redirects
1	secure.adnxs.com	ssum-sec.casalemedia.com
1	ads.pubmatic.com	sync.quantumdex.io
1	usermatch.targeting.unrulymedia.com	sync.quantumdex.io
1	match.sharethrough.com	1 redirects
1	cs.lkqd.net	sync.quantumdex.io
1	s.ad.smaato.net	sync.quantumdex.io
1	ms.quantumdex.io	1 redirects
1	dmp.brand-display.com	ssum-sec.casalemedia.com
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	rtb.adentifi.com	ssum-sec.casalemedia.com
1	b1sync.zemanta.com	1 redirects
1	c.bing.com	eb2.3lift.com
1	px.ads.linkedin.com	eb2.3lift.com
1	pixel.quantserve.com	1 redirects
1	u.openx.net	cdn.thisiswaldo.com
1	ad-cdn.technoratimedia.com	cdn.thisiswaldo.com
1	acdn.adnxs.com	cdn.thisiswaldo.com
1	ssc-cms.33across.com	cdn.thisiswaldo.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	ad.doubleclick.net	www.googletagservices.com
1	cdn.contentspread.net	hal90004.redintelligence.net
1	ajax.googleapis.com	hal90004.redintelligence.net
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	hal9000.redintelligence.net	emojipedia.org
1	m.exactag.com	1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
1	a3173.casalemedia.com	emojipedia.org
1	cdn.jsdelivr.net	emojipedia.org
1	adservice.google.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	thisiswaldo.com	cdn.thisiswaldo.com
1	useast.quantumdex.io	cdn.thisiswaldo.com
1	tlx.3lift.com	cdn.thisiswaldo.com
1	mp.4dex.io	cdn.thisiswaldo.com
1	grid.bidswitch.net	cdn.thisiswaldo.com
1	ads.yieldmo.com	cdn.thisiswaldo.com
1	exchange.postrelease.com	cdn.thisiswaldo.com
1	the-eighth-d.openx.net	cdn.thisiswaldo.com
1	htlb.casalemedia.com	cdn.thisiswaldo.com
1	prebid.a-mo.net	cdn.thisiswaldo.com
1	ipfind.co	cdn.thisiswaldo.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	emojipedia-us.s3.amazonaws.com	emojipedia.org
1	cdn.thisiswaldo.com	emojipedia.org
265	98

This site contains links to these domains. Also see Links.

Domain
instagram.com
twitter.com
en.wikipedia.org
www.yelp.com
www.youtube.com
trends.google.com
nomadlist.com
www.unicode.org
blog.emojipedia.org
unicode.org
www.zedge.net
www.facebook.com
www.instagram.com
tiktok.com
cookiepedia.co.uk
www.onetrust.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2021-04-17` - `2022-05-19`	a year	crt.sh
*.s3-us-west-1.amazonaws.com Amazon	`2021-03-26` - `2022-03-25`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-03-22` - `2022-03-03`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
ipfind.co Amazon	`2021-02-02` - `2022-03-03`	a year	crt.sh
*.technoratimedia.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-17` - `2022-10-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.a-mo.net R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2021-11-26` - `2022-02-24`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
smaato.net Sectigo ECC Organization Validation Secure Server CA	`2020-07-28` - `2022-10-04`	2 years	crt.sh
*.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.3lift.com Amazon	`2021-06-12` - `2022-07-11`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2021-09-25` - `2022-10-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2021-01-13` - `2022-02-14`	a year	crt.sh
protected-by.clarium.io Gandi Standard SSL CA 2	`2020-04-03` - `2022-04-26`	2 years	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
contentspread.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-23` - `2022-09-30`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-09-16` - `2022-03-16`	6 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-09-30` - `2022-03-30`	6 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-24` - `2022-02-16`	6 months	crt.sh
adentifi.com Amazon	`2021-09-04` - `2022-10-03`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2021-02-26` - `2022-03-27`	a year	crt.sh
*.brand-display.com GeoTrust RSA CA 2018	`2020-06-24` - `2022-06-24`	2 years	crt.sh
*.dyntrk.com R3	`2021-10-23` - `2022-01-21`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.lkqd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-09` - `2022-07-14`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.targeting.unrulymedia.com DigiCert SHA2 Secure Server CA	`2020-05-04` - `2022-05-09`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-08-17` - `2022-02-09`	6 months	crt.sh

This page contains 33 frames:

Primary Page: https://emojipedia.org/snowflake/
Frame ID: BEDAF7B6A1F6F613BCEB28E491AB2A90
Requests: 87 HTTP requests in this frame

Frame: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2D16100C4CF0CEF878766B5C8A172F69
Requests: 1 HTTP requests in this frame

Frame: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A399D924A7C407CA89396DAE04956FCB
Requests: 28 HTTP requests in this frame

Frame: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8201CE5070299705D4F2B66D6B311917
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKA3CdQX7E-Wi6nixWgH2JxYafUCj0KcUmTgXxlrD2TlD2F_hF9ZjKIEtMWlmLSVQMUZeu6sUR8AzDLYPnANYvpP1KMsAAmBZRaWzDPRMMxDF8SuKjbYVobXjg-nmiNq1mjL1863v_VGoRd2T6svNNWj3iBp7HkMQJ2HNrvNheD7_1FsGeQ06a-hRWqT1XIu_oudgwPUhIs13GrUoH3bSLW4R-p7FtFLaSADjm7suHYkfEht9aoG8fgcINftmml2YHNJSSxzT1j616POVcytsb47W_7O31icZorjySrRNv7am5I1VsiGjzB7eI17OhCJfNWRU&sai=AMfl-YQkjtmpfssABzVWgdQeXbADgnI6xyJueOnL_w0pqarSAW8S1TuK-UC7MME8-CsaRtJpB8lmAmSuuHeYDISjfrDLiqhu7ZK2sPELcArsVfIxNuA_4gfR48puORh_2Dw&sig=Cg0ArKJSzPBLBPes9b8-EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 7788F02E7806DA2838CA792D2A44089F
Requests: 14 HTTP requests in this frame

Frame: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BABECA7ECE60E08F7DA14005DA0FF9DD
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: F30DCCAA1463F807B5DFEBAA159E46E1
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhi5rtGYATAB&v=APEucNVT8g7vyWMZiFswkxjtWezhQPMUCs1XgMGNJRdg7gonbvEUt9k880yZH2raDWtH17BbjfYZ4Z6UoW-bMcSiJLa60G6AsiUX6_X2cyJ-Xh8FijuDZYWnSokiDlQG23INJAzFAyjnYd3uIAI_Jevl1l0rLvpXjJluqBPg5JU_UAIASZ6V8jY
Frame ID: 738D4F119D289DA0DE508DDE19FB7FA4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYgc3UuQEwAQ&v=APEucNWD6vBAvf9PV33ZYtxYhI55wZPzovIWz0BLDr3ZxAX2XrX33j820wlVD7-VTOyQbiwReqHbvJ_n-emVw2Cpr_3_fBqtLUlu1Y_PeCZnrWwhmWp25PwVnLd6L-ppRJuJe-gt9ugn_fyh27wiCC0dsyGlLBzjWmcOQFUM5kSy8x0TOChUI7Y
Frame ID: F49BBF3ED25070BC2F75A39F281D79C7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXlD_GfxYp6N2-WpC2Ma4145LUXZTmzdrMs9giXOUweJ-a-qssLKa34thSKKDstXh6xfbz7XJ6S0WYbInl1hwHMaxvILMYMD8N1BeMt3bp0TiuNQqOnftY6M4Iwzp73ktExH51-O1qicuShQmEWTExU1MKJxEjiU8d5GKuuL82DPMMjJfo
Frame ID: D3E8FEAB0E920D55DB8378A0252DBE40
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 053628BB8D850E48EF7E55C471695DF0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C64F68D8E7958AECFA09CF009F863926
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CDC03E40A4BC722FCE4C97C0D52AB844
Requests: 3 HTTP requests in this frame

Frame: https://hal90004.redintelligence.net/request_content.php?s=13752200014707400757589011794004&a=1e70f7a8
Frame ID: A00FF0AE6FAE418C5E7F4D88216EE8A2
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B48BF464575C287E0F91BCD95AD3A6F4
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1874.js
Frame ID: 52FB8282606E50E82DFAEE282B69CC2E
Requests: 5 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dVQ06ADzGr6yooaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 537A6D215C17CC8DB6B3D5487E9E93DF
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 630B808E12FFC0174EA59CE31B5A9A49
Requests: 3 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.0
Frame ID: 5B6807ECF49A098FB7194633FFD09DEB
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: CDAE7595B1186EEF776BC8CECC84B629
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A5E9F1B33BFD5548E807D17ED9BB85C7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: E73F06BCB4A078B3F94D242AD620EA60
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=12352498
Frame ID: 0404583E89BED35178811C29E036FB13
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/apacdex
Frame ID: CD2C4D8BE42BC8FF1ACDE37EFA4DAE93
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1638248764265
Frame ID: E9A5B045E219994C024226BE196AF04A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F87A5A16913912242292B7898E2FC45B
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: B396A1FFC634D19FD2D781776EBDB91D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 63B19A12563E4C329F1B084E1D0D74D7
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 74CA30CD7FC8D6B597D6D39C42E81609
Requests: 2 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 36AC391387DE09AF02331EFFB703F871
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: B5F43BE8EA1D81DFB8CDA444029987B4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 77573B871C8A4782A5AE4AFB62D64A55
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B22788D26DFF046AA5C489062C97CCC9
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

❄️ Snowflake EmojiBack ButtonSearch IconFilter Icon

Page URL History Show full URLs

http://emojipedia.org/snowflake/ HTTP 301
https://emojipedia.org/snowflake/ Page URL

Page Statistics

265
Requests

86 %
HTTPS

32 %
IPv6

63
Domains

98
Subdomains

79
IPs

10
Countries

2619 kB
Transfer

5908 kB
Size

66
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://instagram.com/explore/tags/%E2%9D%84%EF%B8%8F/
Title: ❄️ on Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/search?q=%E2%9D%84%EF%B8%8F
Title: ❄️ on Twitter

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/%E2%9D%84%EF%B8%8F
Title: ❄️ on Wikipedia

Search URL Search Domain Scan URL

URL: http://www.yelp.com/search?find_desc=%E2%9D%84%EF%B8%8F
Title: ❄️ on Yelp

Search URL Search Domain Scan URL

URL: https://www.youtube.com/results?search_query=%E2%9D%84%EF%B8%8F
Title: ❄️ on YouTube

Search URL Search Domain Scan URL

URL: https://trends.google.com/trends/explore?q=%E2%9D%84%EF%B8%8F
Title: ❄️ on Google Trends

Search URL Search Domain Scan URL

URL: https://nomadlist.com/search/%E2%9D%84%EF%B8%8F
Title: ❄️ on Nomad List

Search URL Search Domain Scan URL

URL: https://www.unicode.org/cgi-bin/GetDocumentLink?L2/13-207
Title: L2/13-207

Search URL Search Domain Scan URL

URL: https://www.unicode.org/cgi-bin/GetDocumentLink?L2/14-093
Title: L2/14-093

Search URL Search Domain Scan URL

URL: https://blog.emojipedia.org/windows-11-november-2021-emoji-changelog/
Title: 🪟 Windows 11 November 2021 Emoji Changelog

Search URL Search Domain Scan URL

URL: https://blog.emojipedia.org/samsung-one-ui-4-0-emoji-changelog/
Title: 🦃 Thanksgiving Emojis Get Gobbled Up

Search URL Search Domain Scan URL

URL: https://blog.emojipedia.org/google-emoji-14-0-changelog/
Title: 🤖 Google Emoji 14.0 Changelog

Search URL Search Domain Scan URL

URL: https://blog.emojipedia.org/first-look-googles-emoji-14-0-support-in-android-12l/
Title: 🤳 First Look: Google's Emoji 14.0 Support in Android 12L

Search URL Search Domain Scan URL

URL: https://blog.emojipedia.org/pink-heart-emoji-might-finally-become-reality/
Title: 💖 Pink Heart Emoji Might Finally Become Reality

Search URL Search Domain Scan URL

URL: https://blog.emojipedia.org/emojis-are-folklore/
Title: 📜 Emojis Are Folklore

Search URL Search Domain Scan URL

URL: https://blog.emojipedia.org/spooky-emojis-are-trending/
Title: 🎃 Spooky Emojis Are Trending

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Unicode_Standard
Title: Unicode Standard

Search URL Search Domain Scan URL

URL: http://unicode.org/consortium/members.html
Title: voting member of the Unicode Consortium

Search URL Search Domain Scan URL

URL: https://www.zedge.net/
Title: Zedge, Inc

Search URL Search Domain Scan URL

URL: https://twitter.com/emojipedia
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Emojipedia/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/emojipedia/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://tiktok.com/@emojipediaofficial
Title: TikTok

Search URL Search Domain Scan URL

URL: https://cookiepedia.co.uk/giving-consent-to-cookies
Title: More information

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://emojipedia.org/snowflake/ HTTP 301
https://emojipedia.org/snowflake/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://ssl.gstatic.com/trends_nrtr/1015_RC10/embed_loader.js HTTP 301
https://ssl.gstatic.com/trends_nrtr/2674_RC03/embed_loader.js

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1

Request Chain 134

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaWxPfsANDeNnOeCsPD43wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1

Request Chain 135

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIqbqhdfE7bt3YRFzT42dtM&google_cver=1

Request Chain 136

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgwOTc0Njk1MzE2MDE0NTIwMA%3D%3D

Request Chain 137

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1

Request Chain 138

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaWxPfsANDeNnOeCsPD43wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1

Request Chain 139

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEIqbqhdfE7bt3YRFzT42dtM&google_cver=1

Request Chain 140

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgwOTc0Njk1MzE2MDE0NTIwMA%3D%3D

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIM2qLwH0wng1NtUpknjAHk&google_cver=1

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEKyZGhCjbzfXRW7AxyS2svE&google_cver=1

Request Chain 162

https://hal90004.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=02559807d7&subid=&uid=2d5af116ed0c89fd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwYcwPLGlYem5NYWB7_UPh6ey0AvdreioYLuP39SICvAuEAEg1bSZe2CV2qCCsAfIAQmpAhn7Ovmv8LI-qAMBqgTsAU_QsR5EoxU8WCL5Oj_lT5xqJYHy-5Ya7eQdVJjvt1lUkNrsFXSK9xlB3tsdWloBDCsiErPwUdqCviVts9n8_QI7qmuR9427aK6NyRTEk7fjF2uzQPDgGngvc6uu18baQgnhleJdA50URNzuf2P34blOKBZg3UNb708Or4OUbPxQdR8jfmQ3z3OvstYvrnQC8ke1RUyfmlPK_dZwgLF7vWyl8fVql8Q8H9vsMru8Nr_5EByU9KsOmhuDG3f2NAj0uWv9czalbfUxAIfQ-YccdGpe97JhqbbC6Z_TJVMbSdLPndhsNIQYDfp4jFAUwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTIxOTA2MjgxNjMwNzc4ODeACgOYCwHICwGADAGwE57l7AzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoNt2s1CHl6TWwVms1TtDaswZgDg%26sig%3DAOD64_0-IHMxEepEhi5tk9UW3utgVTaYlQ%26client%3Dca-pub-4641608711979091%26dbm_c%3DAKAmf-B07MWVKxaj1TSGkxijHwh6vDCbRWvqOUwhpes_F1_IRpqNdpXUzdUGTV3vMw9_Wb9TbZuh0gip6zMUSffFLfNjEKwt-JxFB5GaJ91kZWczWsPyUBiWlAKR64fMoOF2HQAv8ygPNSjJojBUO64SINU4NcypCA%26cry%3D1%26dbm_d%3DAKAmf-CCxXUkTnsSnmftIBe24tPEEynIlDxsmKyIvMsT-hBLoqTWJ6V4kXQpCHWVjCEDQJHYIVxsV_HKZisH7Brh3HOcQ5rnchczq4bmFvS9pBbjQMD3qLqT6LFE8OY5jCI3A1s2Yq2s7Ikb6MtKvGs8Nod4UQOxveoJ7lwEGY1tT3QO0zb6JB8IratCSw5xcxwpNE4Zf8VCSWkjWLJERywqz9o4TJuDvy_mmTa0dpAkZWwGHEmJ6x3Uc6ZJ4l7g__MpJjIJ1jNLtq_M2tGisOBEcKFnRP_-su1gJTocviWSa3m8TWGbWTa9GJtRl6A8BRI78_TyYzdHOas0xUVXoxOMeDaRSjTZ3eEDIx5QCOWq1aE5FlNy_n-rzf2cuOfm-IN1GsBBv8B27IHXNcBTtw4bkYAhH9R0xvvBSWjPpK7GK6LcaO1TJpEh55X_Zid4zTfxQ9QOPZKnTPftvJpEOLNZIY4Vv9bjMg%26adurl%3D&documentReferer=https%3A%2F%2F1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Femojipedia.org&random=3069794640542&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90004.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=02559807d7&subid=&uid=2d5af116ed0c89fd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwYcwPLGlYem5NYWB7_UPh6ey0AvdreioYLuP39SICvAuEAEg1bSZe2CV2qCCsAfIAQmpAhn7Ovmv8LI-qAMBqgTsAU_QsR5EoxU8WCL5Oj_lT5xqJYHy-5Ya7eQdVJjvt1lUkNrsFXSK9xlB3tsdWloBDCsiErPwUdqCviVts9n8_QI7qmuR9427aK6NyRTEk7fjF2uzQPDgGngvc6uu18baQgnhleJdA50URNzuf2P34blOKBZg3UNb708Or4OUbPxQdR8jfmQ3z3OvstYvrnQC8ke1RUyfmlPK_dZwgLF7vWyl8fVql8Q8H9vsMru8Nr_5EByU9KsOmhuDG3f2NAj0uWv9czalbfUxAIfQ-YccdGpe97JhqbbC6Z_TJVMbSdLPndhsNIQYDfp4jFAUwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTIxOTA2MjgxNjMwNzc4ODeACgOYCwHICwGADAGwE57l7AzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoNt2s1CHl6TWwVms1TtDaswZgDg%26sig%3DAOD64_0-IHMxEepEhi5tk9UW3utgVTaYlQ%26client%3Dca-pub-4641608711979091%26dbm_c%3DAKAmf-B07MWVKxaj1TSGkxijHwh6vDCbRWvqOUwhpes_F1_IRpqNdpXUzdUGTV3vMw9_Wb9TbZuh0gip6zMUSffFLfNjEKwt-JxFB5GaJ91kZWczWsPyUBiWlAKR64fMoOF2HQAv8ygPNSjJojBUO64SINU4NcypCA%26cry%3D1%26dbm_d%3DAKAmf-CCxXUkTnsSnmftIBe24tPEEynIlDxsmKyIvMsT-hBLoqTWJ6V4kXQpCHWVjCEDQJHYIVxsV_HKZisH7Brh3HOcQ5rnchczq4bmFvS9pBbjQMD3qLqT6LFE8OY5jCI3A1s2Yq2s7Ikb6MtKvGs8Nod4UQOxveoJ7lwEGY1tT3QO0zb6JB8IratCSw5xcxwpNE4Zf8VCSWkjWLJERywqz9o4TJuDvy_mmTa0dpAkZWwGHEmJ6x3Uc6ZJ4l7g__MpJjIJ1jNLtq_M2tGisOBEcKFnRP_-su1gJTocviWSa3m8TWGbWTa9GJtRl6A8BRI78_TyYzdHOas0xUVXoxOMeDaRSjTZ3eEDIx5QCOWq1aE5FlNy_n-rzf2cuOfm-IN1GsBBv8B27IHXNcBTtw4bkYAhH9R0xvvBSWjPpK7GK6LcaO1TJpEh55X_Zid4zTfxQ9QOPZKnTPftvJpEOLNZIY4Vv9bjMg%26adurl%3D&documentReferer=https%3A%2F%2F1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Femojipedia.org&random=3069794640542&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 194

https://cdn.doubleverify.com/redirect/?host=tps20239&param=akipv6&impid=67ff984c03fd4fa0a9241d2af708f810&cbust=1638248766550600 HTTP 302
https://tps20239.doubleverify.com/event.png?impid=67ff984c03fd4fa0a9241d2af708f810&akipv6=2a0f:9441:5:0:e9::1

Request Chain 204

https://eb2.3lift.com/sync HTTP 302
https://eb2.3lift.com/sync?&ld=1

Request Chain 211

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=themediagrid&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&gdpr=1&user_id=nND-L8jQrHyHhKwvndOyI5iDpy6HhfoontbZaC03

Request Chain 213

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKZdu1inGDZ3yEdjP27pCPY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 214

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Nzk4NjY5NjY4ODEyNjk3MTE3NQ%3D%3D

Request Chain 216

https://pr-bh.ybp.yahoo.com/sync/triplelift/7986696688126971175?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-T_M9deNE2oRq6ED751mPeue7_el2yP6Ey_kE.zzoXg--~A&dongle=0883

Request Chain 219

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=7986696688126971175 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7986696688126971175&dcc=t

Request Chain 220

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 221

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=3486924809240406478&dongle=d407

Request Chain 224

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaWxPfsANDeNnOeCsPD43wAABKEAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaWxPfsANDeNnOeCsPD43wAABKEAAAIB&dcc=t

Request Chain 226

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaWxPfsANDeNnOeCsPD43wAABKEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENf_DsJff9lIBOc1xxfK0Fc&google_cver=1

Request Chain 233

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D HTTP 302
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-f261bb52-1de5-4293-b8cd-299a5bab54ed

Request Chain 234

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2809746953160145200

Request Chain 235

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2809746953160145200

Request Chain 236

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e6020d979062f948160f0a9d

Request Chain 237

https://ms.quantumdex.io/user/sync/quantumdex HTTP 302
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=bd628fc3-045c-44cb-b6ed-50d568292738

Request Chain 240

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ASqEDM5E2uEikgSnS_5qn1lgv7ohYhdkzjsYFTw-~A

Request Chain 241

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3a3a420f-519b-11ec-8c54-022e3a216146 HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3a3a420f-519b-11ec-8c54-022e3a216146

Request Chain 242

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Request Chain 244

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c812511c-00d1-4bf0-b49c-39435382b5d6

Request Chain 245

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=8683da4c-3e87-514e-8c6a-79dbedcfc89b

Request Chain 252

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3486924809240406478

Request Chain 253

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YaWxQAAIVAXP1wAz HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YaWxQAAIVAXP1wAz&gdpr=1&_test=YaWxQAAIVAXP1wAz

Request Chain 255

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559721783656441

Request Chain 256

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-4a7ac422-98f4-4d0a-8d47-51b270ef7a71

265 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
emojipedia.org/snowflake/
Redirect Chain

http://emojipedia.org/snowflake/
https://emojipedia.org/snowflake/

71 KB
10 KB

406ms
388ms

Document
text/html

2606:4700:10::6816:3999
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3999 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfc3c7103c2808e1d72a105b4761db121bb3caa62b3421e81eeca0115a31f807

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 30 Nov 2021 05:06:03 GMT
content-type: text/html; charset=utf-8
x-content-type-options: nosniff nosniff
referrer-policy: same-origin
x-frame-options: DENY
expires: Tue, 30 Nov 2021 09:05:36 GMT
cache-control: max-age=14400
strict-transport-security: max-age=86400
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b618b544e6a702d-FRA
content-encoding: gzip

Redirect headers

Date: Tue, 30 Nov 2021 05:06:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://emojipedia.org/snowflake/
Strict-Transport-Security: max-age=86400
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=31536000
CF-Cache-Status: MISS
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b618b52dcf54a80-FRA

GET
H2 200 emojipedia.9ea8d1890696.css
emojipedia.org/static/css/ 16 KB
4 KB 22ms
21ms Stylesheet
text/css 2606:4700:10::6816:3999
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://emojipedia.org/static/css/emojipedia.9ea8d1890696.css

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3999 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e9a70c1372cab641b03883ea1736353f67d78e9f66327dddaeccc2915d8c8a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/snowflake/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 71741
cf-polished: origSize=16858
strict-transport-security: max-age=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 16:07:35 GMT
server: cloudflare
etag: W/"61967a47-41da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cf-bgj: minify
cache-control: public, max-age=345600
cf-ray: 6b618b56db38702d-FRA
expires: Tue, 30 Nov 2021 09:10:22 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 30ms
14ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Lh0CEVPkmGuwf4KyqdKdhw==
age: 11782
vary: Accept-Encoding
content-length: 6403
x-ms-lease-status: unlocked
last-modified: Mon, 29 Nov 2021 20:31:03 GMT
server: cloudflare
etag: 0x8D9B37729BED1A3
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 351196a9-201e-00a4-1a6b-e5e202000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b618b56f81f073e-FRA

GET
H2 200 10175.js Show response
cdn.thisiswaldo.com/static/js/ 388 KB
111 KB 52ms
7ms Script
application/javascript 2600:9000:20eb:ac00:f:458e:2a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/10175.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:ac00:f:458e:2a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

323fa7e9ccc16d83b6652f08bef430009f1c08cdd4f2cc3eb0f13846f458db61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 20:57:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Nov 2021 20:55:54 GMT
server: Apache/2.4.29 (Ubuntu)
age: 29308
etag: "610bd-5d0ee26c38d06-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: dXTEGNE-jW7ci0Ha_C_NZe0tXAtbJhbgNG1ipwfs5_hZj7QP_fexJg==

GET
H/1.1 200
OK snowflake_2744-fe0f.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/285/ 27 KB
27 KB 671ms
177ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/285/snowflake_2744-fe0f.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfa711f0ab2f9d0cded2d504c4a3e255a678a35a31dca04bcfec185ab957b3a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Last-Modified: Thu, 29 Apr 2021 07:08:04 GMT
Server: AmazonS3
x-amz-request-id: Q1P25KZ96PHCS2V6
ETag: "2eeffa6122f772f2f684ae4d05aefbde"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 27283
x-amz-id-2: ggmyMdWrPhIxfHxiS5EOt88AvG8mw5KewYE4RZUpxn0mG/kwtWAd0KTvVdFyAffomq6sq4R0bMI=

GET
H2 200 lazy.svg
emojipedia.org/static/img/ 716 B
380 B 19ms
16ms Image
image/svg+xml 2606:4700:10::6816:3999
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emojipedia.org/static/img/lazy.svg

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3999 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47c9fb3880fe502e58e3bc54c9f449be5c4a578bcffe20771b8f1c410c17791b

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/snowflake/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75528
strict-transport-security: max-age=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 18 Nov 2021 16:07:31 GMT
server: cloudflare
etag: W/"61967a43-2cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=345600
cf-ray: 6b618b578c7d702d-FRA
expires: Tue, 30 Nov 2021 08:07:16 GMT

GET
H/1.1 200
OK snowflake_2744-fe0f.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/google/313/ 7 KB
8 KB 681ms
170ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/google/313/snowflake_2744-fe0f.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17da1c1d7c98c85f033772ed3e35bb39f50f6f31592e936269d4c52c046fdeb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Last-Modified: Mon, 01 Nov 2021 19:56:45 GMT
Server: AmazonS3
x-amz-request-id: Q1PEVP2WEQHEEZ26
ETag: "10a65dff50983217e0e706a0e2cd60b6"
Content-Type: image/png
x-amz-version-id: Q4YG4.JOeo.UqPbKvwFIOgFnJRTNroZW
Accept-Ranges: bytes
Content-Length: 7630
x-amz-id-2: KDZg8TjLdtilDNOTH9IpcGDalQ/fX05Kx4q/r2mswyK7TnZunQLfA1+VB3T2mjJL6EHt3oNJHfo=

GET
H/1.1 200
OK snowflake_2744-fe0f.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/samsung/312/ 7 KB
7 KB 687ms
174ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/samsung/312/snowflake_2744-fe0f.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 110689a100eb436859899fddb8aa6798c9cbb988ebcfde9bb30accf1784f9964

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Last-Modified: Mon, 18 Oct 2021 12:49:48 GMT
Server: AmazonS3
x-amz-request-id: Q1P552JJSH944RDH
ETag: "8e097b31775d835ebc54fa3ac73aa7f3"
Content-Type: image/png
x-amz-version-id: ngHEZca4s98wsX4Uf4NaLipcVhYsTSwP
Accept-Ranges: bytes
Content-Length: 6790
x-amz-id-2: plBZbf84qylBzoNhwnIL/YeiYOIdqVhMbGQ2+PBNqKx5aMMwIYW7ZnhPG2TFxTDCW4DKZ1F4/54=

GET
H/1.1 200
OK snowflake_2744-fe0f.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/microsoft/310/ 4 KB
5 KB 700ms
183ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/microsoft/310/snowflake_2744-fe0f.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6019bb04380b572778cd3a034fe26f978c700a5208f99e453d4448d4ac632814

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Last-Modified: Wed, 24 Nov 2021 11:13:21 GMT
Server: AmazonS3
x-amz-request-id: Q1P66RQBXWYED0T8
ETag: "39945dbd757da9de0d40c6f4f54b56d8"
Content-Type: image/png
x-amz-version-id: UBazNYHJLcpnmGbRQ792v43bzgfa16pn
Accept-Ranges: bytes
Content-Length: 4292
x-amz-id-2: NPi4XnmX3cVtz1ZbMb9HtX6KRt2EgS5nzRDkKlsUTMxiIadHMjiOdUOLzyaBgag/CJqpMXmqsRU=

GET
H/1.1 200
OK snowflake_2744-fe0f.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/whatsapp/302/ 18 KB
18 KB 696ms
176ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/whatsapp/302/snowflake_2744-fe0f.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02dd43b7c0fcc3b81c9ee059b33f03fd69b7327cdfbc6659d5ee9e3756a5d473

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Last-Modified: Wed, 18 Aug 2021 17:07:10 GMT
Server: AmazonS3
x-amz-request-id: Q1P7RX51JC090JCS
ETag: "83beeef006c83a26d6012c4dd33f676f"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 17955
x-amz-id-2: vk46TlasGOKFbFSVzDQZHFRmOMORi2W4AUW+7kQw2MBKFb4nJn6CeJXUgkGn1VIMkn01TWhNqIo=

GET
H/1.1 200
OK snowflake_2744-fe0f.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/twitter/282/ 5 KB
6 KB 736ms
197ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/twitter/282/snowflake_2744-fe0f.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64264a0f605d452d0d477f591d24c99d088a8466d94d1f22f0659404afec56fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Last-Modified: Wed, 24 Mar 2021 06:26:55 GMT
Server: AmazonS3
x-amz-request-id: Q1PA7ZXJ5Y77JX42
ETag: "803613f637e6baa19ba25a60072825c5"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 5458
x-amz-id-2: zGRKxOYe6udz7OeJYzM8CeyvXG9YMcqG3Ki6ONB1ZO1IHDokhn/Vtz3Vt3JZcDTp7h96Q7Pnccw=

GET
H/1.1 200
OK snowflake_2744-fe0f.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/facebook/304/ 16 KB
16 KB 171ms
171ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/facebook/304/snowflake_2744-fe0f.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae4bf1d0558a5f9631f100b99199f6150d216f0fe1b065b3f0043b0fedc2a319

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Last-Modified: Thu, 19 Aug 2021 23:55:57 GMT
Server: AmazonS3
x-amz-request-id: Q1P5YK26G90P2BWP
ETag: "4ef4396ad373e1ca04f369a226b747c8"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 16061
x-amz-id-2: zxu4M4oLcoX6acbTCewVb66+6evMutDdRX1lqkseQ5Zb+wqSFjz7zK0BV7J8EX8ajvPLa79Ltd8=

GET
H/1.1 200
OK snowflake_2744-fe0f.png
emojipedia-us.s3.amazonaws.com/source/skype/289/ 440 KB
441 KB 678ms
173ms Image
image/png 52.219.112.35
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.amazonaws.com/source/skype/289/snowflake_2744-fe0f.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.112.35 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 789a0d85e03cd24e8a827ce2e1ac5d057490c2f017a8660f2cea3811b5770e90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Last-Modified: Tue, 22 Jun 2021 11:34:17 GMT
Server: AmazonS3
x-amz-request-id: Q1P108TFHBJ2KZ1D
ETag: "2d6eb45e567f4707a5b721b0276c9c39"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 450766
x-amz-id-2: zgYHY0wKY9Bf0TG2RaqTKqIpVOm/IkBVwgj3RhSG842PCGW8OZHXj8qvtv3ySwFCZxi1odLs7bs=

GET
H/1.1 200
OK snowflake_2744-fe0f.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/joypixels/291/ 13 KB
13 KB 173ms
173ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/joypixels/291/snowflake_2744-fe0f.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f02ab747a19ec7995eabf99531baa365d71a096a39013d02fa815dc7ca4dff92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Last-Modified: Fri, 25 Jun 2021 03:08:50 GMT
Server: AmazonS3
x-amz-request-id: Q1PB8JGV7JESTVNQ
ETag: "a6c73dc93d4a11d7946115aff88dd47d"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 13307
x-amz-id-2: 2SiEMNxbID89W9kFpY341fePkoUZLz9OUmtIFgC6vcRhSKlDQo2puZEdvugcLwPQnjolyezAXDY=

GET
H/1.1 200
OK snowflake_2744-fe0f.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/openmoji/292/ 3 KB
3 KB 176ms
176ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/openmoji/292/snowflake_2744-fe0f.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f503b1dd1bbdba3ecf7bbf5514831140ecbfd507eba4c8d52b77142c85028dc4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Last-Modified: Tue, 29 Jun 2021 14:33:21 GMT
Server: AmazonS3
x-amz-request-id: Q1P8YD7X0G84VJ71
ETag: "c2dbb08add537eed720804dbc7a8bd55"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 2714
x-amz-id-2: ud5/top7RXmBRnwzQp+Ypqt7vNOY8qhpEsblfEMWi775qppF0PqnCMkuXIdy8vCtLl7ywzO01/U=

GET
H/1.1 200
OK snowflake_2744.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/emojidex/112/ 13 KB
13 KB 184ms
183ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/emojidex/112/snowflake_2744.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9abfc9328e218180b72ce226fff1fd439a5628036e73f4bff88de5e291b8d1ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Last-Modified: Mon, 21 Aug 2017 13:44:08 GMT
Server: AmazonS3
x-amz-request-id: Q1PDKTA5E4QNKVWK
ETag: "eac5bec1e2e0c8619d7befdb3ebf2ce1"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 13326
x-amz-id-2: le1QSmwreZrdJUyIEwxWdUTskjbL6mFNnRDxLos6mxmnGzxVuUWGVPh4jGqu9DKru1gi6z9uV5w=

GET
H/1.1 200
OK snowflake_2744.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/facebook/65/ 10 KB
11 KB 166ms
166ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/facebook/65/snowflake_2744.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3209df43d7203dae3c00d8c2a3c7ae9cc011f5aa5bdb52c4f9743b2ac34e0bee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Last-Modified: Wed, 21 Jun 2017 13:45:30 GMT
Server: AmazonS3
x-amz-request-id: Q1PAR7FADJZV9MVW
ETag: "5c83c96d7ea9ebad91139fac7352dbc1"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 10591
x-amz-id-2: 5Iakhs5Cp3pJMQ+iUvPl4KuKNIz1VzAJ+D+ddE0nZtMWg8/Y3HnklJovo0Zq5L93e6IpykrgWmI=

GET
H/1.1 200
OK snowflake_2744-fe0f.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/lg/307/ 20 KB
20 KB 172ms
172ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/lg/307/snowflake_2744-fe0f.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9e39594b375e5d5b826c69418e4f3be612f7eaa57f3535fe9bebb1e4cfff0ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:06 GMT
Last-Modified: Wed, 01 Sep 2021 00:05:06 GMT
Server: AmazonS3
x-amz-request-id: QF8PKBV5TXA3M5PC
ETag: "bee55af17c052b1f9919d991fe6564e2"
Content-Type: image/png
x-amz-version-id: MKEXmjeBha5DTyIH7TwKwhfJ6Rx_bflE
Accept-Ranges: bytes
Content-Length: 20518
x-amz-id-2: ypZW3ZPhqmnJ6sedHn/M6/RM5YBAxUBgAVgw6gIFxceqYqYaDAxl+VI1XGkIYeBO+65lvuwtDaE=

GET
H/1.1 200
OK snowflake_2744.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/htc/37/ 4 KB
5 KB 175ms
175ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/htc/37/snowflake_2744.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb9a44f137be88104b65f4661eda56026d8b0b6051f5223daf9522bd6a18448a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:06 GMT
Last-Modified: Wed, 21 Jun 2017 14:02:07 GMT
Server: AmazonS3
x-amz-request-id: QF8JT2TG5S9H6MXQ
ETag: "6092eddc539d1e2508f39bd1315fc03e"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 4411
x-amz-id-2: ZTYy6OC44UsZ5yexWS82pmhipOz1HzDTJ3rk5UovAMIcM72IXHkmxXGtB3Fu+rtRWdaHOgJCaP8=

GET
H/1.1 200
OK snowflake_2744.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/mozilla/36/ 6 KB
6 KB 172ms
172ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/mozilla/36/snowflake_2744.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 482b50f17b31e6061a4b1fc13f40717cc6e16bf6d672f6e6ba597597b9b8c90b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:06 GMT
Last-Modified: Wed, 21 Jun 2017 14:15:23 GMT
Server: AmazonS3
x-amz-request-id: QF8KW8GQVVGXXBX3
ETag: "771f8a0035c64fa8dc375329155fc822"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 6032
x-amz-id-2: 1TXozP6hS8ll5/YKjgdJAX2gwiD9bAmLargioqb4iLj5xSZBnb7s8PDH3thPLTzLhhvZYaPFd90=

GET
H/1.1 200
OK snowflake_2744.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/softbank/145/ 9 KB
9 KB 177ms
177ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/softbank/145/snowflake_2744.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 08715daa5b0cbf417518e3cd112d0b0e827956db3669194e4cec01b8a38ef114

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:06 GMT
Last-Modified: Wed, 27 Jun 2018 12:15:25 GMT
Server: AmazonS3
x-amz-request-id: QF8SPGWKMFVPNAGN
ETag: "43c8c6abc6466abfaaf8852e09d17f46"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 9285
x-amz-id-2: nX1XFG6wr6dXfxfdfp5WSaPQPwRRtYVj5Y8SZJi5rhACYx8ssaHpgSoQbhO3O5Qem8hemcTyVrA=

GET
H/1.1 200
OK snowflake_2744.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/docomo/205/ 5 KB
5 KB 189ms
189ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/docomo/205/snowflake_2744.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13359606f3db6d8aee66e033877a8c615d74ba56ffb740cdf6b69239dee2dff2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:06 GMT
Last-Modified: Fri, 12 Apr 2019 10:27:53 GMT
Server: AmazonS3
x-amz-request-id: QF8K63H9RVJDZ9D3
ETag: "c8771dc9b30265d0611f9b9e60a9b0c3"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 5114
x-amz-id-2: qPPUE05e+JK3n8rT8JXwAa0+9Tvw6beRZY3Me3bKkTx70LQkEojZQ+ic1cqwkLGpjxTtyZSTJk0=

GET
H/1.1 200
OK snowflake_2744.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/au-kddi/190/ 4 KB
4 KB 169ms
169ms Image
image/png 2600:1fa0:c040:301:34db:792a::
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/au-kddi/190/snowflake_2744.png
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c040:301:34db:792a:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8169f9a8ce88dad8ec1660b286c499a86fa86fa0c8d60c4080fdae0c7b48122

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:06 GMT
Last-Modified: Sat, 09 Mar 2019 15:41:26 GMT
Server: AmazonS3
x-amz-request-id: QF8XK06RSJNF3ASK
ETag: "84de955887b0354bdd4eac21b9f3053e"
Content-Type: image/png
x-amz-version-id: null
Accept-Ranges: bytes
Content-Length: 4131
x-amz-id-2: 4X6MuFVVqkw9mJWZDxN8bg5MEeycGmA/a46MLxIef493vSz+Z4CP+2pfk/oEy71oc9P77hzCYWg=

GET
H2 200 jquery.min.1171de55ad62.js Show response
emojipedia.org/static/js/ 133 KB
38 KB 16ms
15ms Script
application/javascript 2606:4700:10::6816:3999
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://emojipedia.org/static/js/jquery.min.1171de55ad62.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3999 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb46e2bf6f3a85b6f6adb3f66299403bb2e9adc528dd01fccc1f2bdcc05d78d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/snowflake/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66350
cf-polished: origSize=136096
strict-transport-security: max-age=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 16 Nov 2021 10:38:46 GMT
server: cloudflare
etag: W/"61938a36-213a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cache-control: public, max-age=345600
cf-ray: 6b618b570bc6702d-FRA
expires: Tue, 30 Nov 2021 10:40:14 GMT

GET
H2 200 site.cc90b96205fb.js Show response
emojipedia.org/static/js/ 17 KB
5 KB 17ms
17ms Script
application/javascript 2606:4700:10::6816:3999
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://emojipedia.org/static/js/site.cc90b96205fb.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3999 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76113ac94f00eb22208a1a3f652571398c38f43339e11f765965ae50b8cf4614

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/snowflake/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 66116
cf-polished: origSize=17649
strict-transport-security: max-age=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Oct 2018 09:12:49 GMT
server: cloudflare
etag: W/"5bd03791-44f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cache-control: public, max-age=345600
cf-ray: 6b618b573c07702d-FRA
expires: Tue, 30 Nov 2021 10:44:07 GMT

GET
H2 200 lazy.f12b5efd22b1.js Show response
emojipedia.org/static/js/ 13 KB
4 KB 12ms
12ms Script
application/javascript 2606:4700:10::6816:3999
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://emojipedia.org/static/js/lazy.f12b5efd22b1.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3999 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e03239557e46aeafe7874eb1be37a3a99be9bcea593843aef24937d78721c432

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/snowflake/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75528
cf-polished: origSize=13209
strict-transport-security: max-age=86400
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Mar 2017 10:46:37 GMT
server: cloudflare
etag: W/"58be8f8d-3399"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cache-control: public, max-age=345600
cf-ray: 6b618b575c29702d-FRA
expires: Tue, 30 Nov 2021 08:07:16 GMT

GET
H2 200 751e4177-1659-409b-8176-45ccd0adeaff.json Show response
cdn.cookielaw.org/consent/751e4177-1659-409b-8176-45ccd0adeaff/ 4 KB
2 KB 33ms
14ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/751e4177-1659-409b-8176-45ccd0adeaff/751e4177-1659-409b-8176-45ccd0adeaff.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4257c93a6261660aceb5720da447af3c9fce0a1fa599169fb6e757c65d926cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: lo1blyL8LxCYvW8UJBxduQ==
age: 10620
vary: Accept-Encoding
content-length: 1546
x-ms-lease-status: unlocked
last-modified: Mon, 11 Oct 2021 12:12:06 GMT
server: cloudflare
etag: 0x8D98CB057D8F5F9
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 290e3140-e01e-009b-6e38-bf55de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b618b57285e5b4a-FRA
expires: Tue, 30 Nov 2021 09:06:04 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 165 B
388 B 35ms
17ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b618b57a93c0601-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 50ms
26ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1059 / 372 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26861
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 Nov 2021 05:06:04 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/ 49 KB
13 KB 28ms
6ms Script
text/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69760e762ad4441a93cbbe63240f71fe753a6582764345ba57705afcb8daf4e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:04 GMT
Content-Encoding: gzip
Age: 960
X-Cache: HIT
Connection: keep-alive
Content-Length: 12537
x-amz-id-2: hUi+iBncQL8tCQpFfkywDpcg+J22xqft+z/y/CkVi8NRo4Iyco1oQhHnLVLkyHObdv4WeoiQOEA=
X-Served-By: cache-fra19158-FRA
Last-Modified: Tue, 30 Nov 2021 02:40:33 GMT
Server: AmazonS3
X-Timer: S1638248764.110171,VS0,VE0
ETag: "95d3a24d13c590dfb592c1dc98c44e97"
x-amz-request-id: CAM03RHHYTY6WTPX
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 6

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 47ms
9ms Script
application/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-4.fra2.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: KuXuY5mbG6yln5YsEdf9JaPJtFF6aIqm
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 89
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0PTE3X5JF7TTER1METMH
date: Tue, 30 Nov 2021 05:04:35 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: Va9sfTA7FM2d42mo5-lzpeUhapSzMCSfBo-J0GZpPoiwkOig3cXWRw==

GET
H2 200 me Show response
ipfind.co/ 351 B
465 B 552ms
214ms XHR
application/json 54.153.127.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ipfind.co/me?auth=3757a9b9-5759-4813-bc1a-7fa0b8ba94c1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.153.127.51 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-153-127-51.us-west-1.compute.amazonaws.com
Software: Apache/2.4.18 (Ubuntu) /
Resource Hash: a2b07b414cac5d8d707128c72fe7957eb64f1b720c52c233416657d0492ec261

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
server: Apache/2.4.18 (Ubuntu)
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://emojipedia.org
cache-control: no-cache, private
access-control-allow-credentials: true
content-length: 244

GET
H2 200 emojipedia-logo-32.00da97aa590a.png
emojipedia.org/static/img/logo/ 2 KB
3 KB 13ms
13ms Image
image/png 2606:4700:10::6816:3999
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emojipedia.org/static/img/logo/emojipedia-logo-32.00da97aa590a.png

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/static/css/emojipedia.9ea8d1890696.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3999 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0275a238773358a8b942e94bc90a30adcf06b88d72b6f460b6048302b974544c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/static/css/emojipedia.9ea8d1890696.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 75464
cf-polished: origSize=5270
strict-transport-security: max-age=86400
content-length: 2485
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Mar 2017 10:46:37 GMT
server: cloudflare
etag: "58be8f8d-1496"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Tue, 30 Nov 2021 08:08:20 GMT
cache-control: public, max-age=345600
accept-ranges: bytes
cf-ray: 6b618b578c7f702d-FRA
cf-bgj: imgq:85,h2pri

OPTIONS
H2 204 newor
newor.technoratimedia.com/openrtb/bids/ Frame 0
0 311ms
96ms Preflight 193.122.174.27
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://newor.technoratimedia.com/openrtb/bids/newor?src=prebid_prebid_4.43.0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://emojipedia.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 30 Nov 2021 05:06:04 GMT
access-control-allow-headers: content-type
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 843584329
age: 0
via: 1.1 varnish

GET
H2

200

embed_loader.js Show response
ssl.gstatic.com/trends_nrtr/2674_RC03/
Redirect Chain

https://ssl.gstatic.com/trends_nrtr/1015_RC10/embed_loader.js
https://ssl.gstatic.com/trends_nrtr/2674_RC03/embed_loader.js

12 KB
5 KB

8ms
7ms

Script
text/javascript

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/trends_nrtr/2674_RC03/embed_loader.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d0c08b23ea9d197127089562fbfdf4b9278780e63f58fb5660becc1dc17452f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:15:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 478231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/izeitgeist
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4923
x-xss-protection: 0
last-modified: Mon, 02 Aug 2021 15:01:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="izeitgeist"
vary: Accept-Encoding
report-to: {"group":"izeitgeist","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/izeitgeist"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 16:15:33 GMT

Redirect headers

date: Tue, 30 Nov 2021 04:41:08 GMT
x-content-type-options: nosniff
server: sffe
age: 1496
content-type: text/html; charset=UTF-8
location: https://ssl.gstatic.com/trends_nrtr/2674_RC03/embed_loader.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 258
x-xss-protection: 0
expires: Tue, 30 Nov 2021 05:11:08 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 297
date: Tue, 30 Nov 2021 05:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 30 Nov 2021 07:01:07 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
983 B 39ms
12ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4
content-type: application/javascript
x-amz-request-id: tx20fcbba173164c66b29ed-0061961d50
x-amz-id-2: tx20fcbba173164c66b29ed-0061961d50
last-modified: Thu, 18 Nov 2021 09:29:40 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8yNxz7D6zpbIJNBnYzMiZKi49FbfxylODzNtonvPNwkq5Ocgl1o8Bu3Jl%2FQB82qzS0xRxdTmTeDjGuTvDHtUCxHVOn%2BqRz7l0TbRQtKLTSpBioyv9ZesKZKncau76w2%2BASfZyHJGMmvxi4P%2B"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 1637227780937425
cache-control: public, max-age=1800
cf-ray: 6b618b583dcb6940-FRA
expires: Tue, 30 Nov 2021 05:36:04 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
378 B 510ms
320ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
date: Tue, 30 Nov 2021 05:06:03 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 229
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 49 KB
8 KB 295ms
255ms XHR
application/json 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0af4ecd015f372fb7d62da3dcdd120561638e96a2ab453f8bc2974e88834ca1a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 30 Nov 2021 05:06:04 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 61b59aad-8df4-471f-af58-4f5e45a9124c
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://emojipedia.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
288 B 128ms
94ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dVQ06ADzGr6yooaKlId8sQ
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: da520c3b1a42f2e97fa7c0ccc98a4b092e340588837580564bd3427f2f9249ef

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
149 B 140ms
106ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dVQ06ADzGr6yooaKlId8sQ
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 706004a270f0e8631b26bf97d61c2c19d8b3c1787f597bb0086d108bd59c0606

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
157 B 128ms
95ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dVQ06ADzGr6yooaKlId8sQ
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f4622e3caa827364659587b6b69c5eb291de91a18b7b82eeed7f8ab51e79edad

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 128ms
95ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dVQ06ADzGr6yooaKlId8sQ
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f5dbc71d94fb883082b19f42a08fc974ddf73157bf987f79bccfffdfafcd7ce9

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 66 B
158 B 130ms
97ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=dVQ06ADzGr6yooaKlId8sQ
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 5f00334571171586b742a56d1164fcffd76dd65cc062895a5bcdc8c8344b4fb9

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 2 KB
2 KB 101ms
70ms XHR
application/json 184.31.84.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=642675&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2219283d54926aa5e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Femojipedia.org%2Fsnowflake%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22newormedia.com%22%2C%22sid%22%3A%2210175%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222044fac3ef8acff%22%2C%22ext%22%3A%7B%22siteID%22%3A%22642675%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2221b361cfbf4cdd6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22642676%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%222246e72b62f8b9a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22642677%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-31-84-150.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3822f9ca7e1e656b0e36d6ebe9c7546f24e5684422eb23bd9427abcb45dfede0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:04 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.77], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://emojipedia.org
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 1963
x-ak-client-geo: 12
expires: Tue, 30 Nov 2021 05:06:04 GMT

GET
H2 200 arj Show response
the-eighth-d.openx.net/w/1.0/ 73 B
379 B 59ms
25ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://the-eighth-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Femojipedia.org%2Fsnowflake%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=04c820f5-e871-4fd0-9e15-f810d5e20969%2C78ad8f15-5e39-4d83-91b9-220b257b567b%2Cd9c193c0-a6ae-4c17-a094-f73332e49c56%2Cfdb20399-edc5-4367-a279-6df5a1040233%2C703088e5-424d-4fe1-830f-b3e9ef616b1f&nocache=1638248764184&schain=1.0%2C1!newormedia.com%2C10175%2C1%2C%2C%2C&aus=728x90%7C300x250%7C300x250%7C300x250%7C300x600&divids=waldo-tag-10210%2Cwaldo-tag-10211%2Cwaldo-tag-10212%2Cwaldo-tag-12170%2Cwaldo-tag-12171&aucs=%2C%2C%2C%2C&auid=545728921%2C545728922%2C545728923%2C545728917%2C545728916
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 1eaec5cb8211c47d4eccd1bc231f51e6e49f7d4881363b7a553e9a6a05369fc0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://emojipedia.org
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 prebid Show response
exchange.postrelease.com/ 0
392 B 305ms
92ms XHR
application/json 54.145.87.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.postrelease.com/prebid?ntv_ptd=1133038,1133037,1133037,1133037,1137836&ntv_pb_rid=298c4e1a5b44e37&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoid2FsZG8tdGFnLTEwMjEwIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbNzI4LDkwXV19fX0seyJhZFVuaXRDb2RlIjoid2FsZG8tdGFnLTEwMjExIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF1dfX19LHsiYWRVbml0Q29kZSI6IndhbGRvLXRhZy0xMDIxMiIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJ3YWxkby10YWctMTIxNzAiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXV19fX0seyJhZFVuaXRDb2RlIjoid2FsZG8tdGFnLTEyMTcxIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDYwMF1dfX19XX0=&ntv_url=https%3A%2F%2Femojipedia.org%2Fsnowflake%2F
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.87.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-87-156.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://emojipedia.org
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
content-length: 20
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
341 B 127ms
29ms XHR
text/plain 52.212.155.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.155.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-155-9.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://emojipedia.org
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Tue, 30 Nov 2021 05:06:04 GMT
X-SMT-SessionId: 20b689dc-23f5-40dd-9dde-b9ae7063c6ed

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
341 B 129ms
29ms XHR
text/plain 52.212.155.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.155.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-155-9.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://emojipedia.org
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Tue, 30 Nov 2021 05:06:03 GMT
X-SMT-SessionId: 41813853-f07c-4b9d-b0fc-12934e26e464

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
341 B 130ms
29ms XHR
text/plain 52.212.155.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.155.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-155-9.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://emojipedia.org
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Tue, 30 Nov 2021 05:06:04 GMT
X-SMT-SessionId: 62b667c1-665a-4884-8d89-dad04b0ca743

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
341 B 133ms
31ms XHR
text/plain 52.212.155.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.155.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-155-9.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://emojipedia.org
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Tue, 30 Nov 2021 05:06:03 GMT
X-SMT-SessionId: 16952b75-1904-4421-99d0-64fdebe9015e

POST
H/1.1 204 prebid Show response
prebid.ad.smaato.net/oapi/ 0
341 B 134ms
31ms XHR
text/plain 52.212.155.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 52.212.155.9 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-155-9.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://emojipedia.org
Access-Control-Expose-Headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-MESSAGE,X-SMT-Expires
Access-Control-Allow-Credentials: true
Server: SOMA
Connection: keep-alive
Date: Tue, 30 Nov 2021 05:06:04 GMT
X-SMT-SessionId: 40a41542-35d5-424f-92bd-dd0a294575ec

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
224 B 124ms
32ms XHR
text/plain 54.77.232.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.43.0&p=%5B%7B%22placement_id%22%3A%22waldo-tag-10210%22%2C%22callback_id%22%3A%2242b382a8b712b6e%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222759516352719823367%22%7D%2C%7B%22placement_id%22%3A%22waldo-tag-10211%22%2C%22callback_id%22%3A%22432ed81a63cdcf7%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222759516352719823367%22%7D%2C%7B%22placement_id%22%3A%22waldo-tag-10212%22%2C%22callback_id%22%3A%224425ca5f712146%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222759516352719823367%22%7D%2C%7B%22placement_id%22%3A%22waldo-tag-12170%22%2C%22callback_id%22%3A%2245bc5c2b6e9cd7f%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222759516352719823367%22%7D%2C%7B%22placement_id%22%3A%22waldo-tag-12171%22%2C%22callback_id%22%3A%224610f8a30bdad88%22%2C%22sizes%22%3A%5B%5B300%2C600%5D%5D%2C%22ym_placement_id%22%3A%222759516352719823367%22%7D%5D&page_url=https%3A%2F%2Femojipedia.org%2Fsnowflake%2F&bust=1638248764187&pr=&scrd=1&dnt=false&description=&title=%E2%9D%84%EF%B8%8F%20Snowflake%20Emoji&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22newormedia.com%22%2C%22sid%22%3A%2210175%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.232.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-232-22.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
pragma: no-cache
date: Tue, 30 Nov 2021 05:06:04 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 2 B
186 B 88ms
58ms XHR
application/json 52.29.166.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.166.103 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-166-103.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
date: Tue, 30 Nov 2021 05:06:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 2
content-type: application/json; charset=UTF-8

POST
H2 200 prebid Show response
mp.4dex.io/ 99 B
488 B 139ms
112ms XHR
application/json 2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mp.4dex.io/prebid

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0858cbeb62ffce2e64e3e8571ce544e582ff761deb2ac556943b1ef1b85d1e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-warn: Selecting bids. No selected bids
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emojipedia.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
cf-ray: 6b618b585819694c-FRA
server: cloudflare
expires: 0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 13 KB
5 KB 100ms
74ms XHR
application/json 52.59.85.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Femojipedia.org%2Fsnowflake%2F&tmax=3000

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.85.35 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-59-85-35.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e4a78c932df5b46299f35a500b0a4442cf78c9f78143a250940f024e054d2035

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
content-type: application/json; charset=utf-8
access-control-allow-origin: https://emojipedia.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 5088
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
370 B 62ms
18ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://emojipedia.org
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 newor Show response
newor.technoratimedia.com/openrtb/bids/ 0
293 B 289ms
98ms XHR
text/plain 193.122.174.27
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://newor.technoratimedia.com/openrtb/bids/newor?src=prebid_prebid_4.43.0
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.174.27 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 789401867
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 6 KB
4 KB 189ms
162ms XHR
application/json 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: e1149bb34b5c0050aa59dcbd2ae64a4ba7ad73b856bae306808dc2cface0fe67

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 30 Nov 2021 05:06:04 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://emojipedia.org
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 3376

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
113 B 43ms
9ms XHR
text/plain 52.28.9.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.9.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-9-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
date: Tue, 30 Nov 2021 05:06:04 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 90ms
57ms XHR
text/plain 52.28.9.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.9.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-9-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
date: Tue, 30 Nov 2021 05:06:04 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 51ms
18ms XHR
text/plain 52.28.9.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.9.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-9-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
date: Tue, 30 Nov 2021 05:06:04 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 51ms
19ms XHR
text/plain 52.28.9.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.9.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-9-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
date: Tue, 30 Nov 2021 05:06:04 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 53ms
21ms XHR
text/plain 52.28.9.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.9.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-9-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://emojipedia.org
date: Tue, 30 Nov 2021 05:06:04 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 apacdex Show response
useast.quantumdex.io/auction/ 0
337 B 507ms
482ms XHR
text/plain 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/apacdex
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
cf-ray: 6b618b5859834e07-FRA

POST
H/1.1 200
OK track-impression Show response
thisiswaldo.com/js/ 1 B
376 B 364ms
132ms XHR
application/json 52.15.219.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://thisiswaldo.com/js/track-impression

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.15.219.226 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-15-219-226.us-east-2.compute.amazonaws.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Tue, 30 Nov 2021 05:06:04 GMT
X-Content-Type-Options: nosniff, nosniff
Server: Apache/2.4.29 (Ubuntu)
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 1
Expires: Sun, 19 Nov 1978 05:00:00 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/ 189 KB
60 KB 7ms
6ms Script
application/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/bbdvOAJnqH-Idffgn_02C2Cyx_E/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:04 GMT
Content-Encoding: gzip
Age: 317
X-Cache: HIT
Connection: keep-alive
Content-Length: 61293
x-amz-id-2: jzXf5usRbJR3PYvp69Big/B/XsVaN007aaf8DzTo4oE6Ozrfyzq3/rqhk6J2PTv5JM4jjOX3BWs=
X-Served-By: cache-fra19158-FRA
Last-Modified: Wed, 17 Nov 2021 21:29:49 GMT
Server: AmazonS3
X-Timer: S1638248764.206541,VS0,VE0
ETag: "cb7589d017ac65aecf6dc6f5ec17c4b7"
x-amz-request-id: KY5DB13GGJV0P5XQ
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 70

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.23.0/ 312 KB
75 KB 15ms
14ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: joMckLq8BtEunD8NH/4XVA==
age: 3646713
vary: Accept-Encoding
content-length: 76366
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:58 GMT
server: cloudflare
etag: 0x8D96DBF6CBEE741
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 884a5034-801e-002a-2c6c-c4ada3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b618b58498b073e-FRA

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 7ms
7ms XHR
text/plain 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Femojipedia.org&pubid=094e2c86-72d9-47d6-a647-d95ce39ad4c7
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-4.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 00:08:25 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
server: Server
age: 17858
x-cache: Hit from cloudfront
access-control-allow-origin: https://emojipedia.org
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: XxUodKlfnwMRhBGr7RpIffd7ntrNTRoAbH-K9YcSPUmeq-51jkrF7g==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
489 B 47ms
47ms XHR
text/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Femojipedia.org%2Fsnowflake%2F&pid=wQpLNiF3B1Ic3&cb=0&ws=1600x1200&v=7.71.1&t=2250&slots=%5B%7B%22sd%22%3A%22waldo-tag-10210%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia728x90FS_1%22%7D%2C%7B%22sd%22%3A%22waldo-tag-10211%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x250FX_1%22%7D%2C%7B%22sd%22%3A%22waldo-tag-10212%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x250FX_2%22%7D%2C%7B%22sd%22%3A%22waldo-tag-10213%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x250FX_3%22%7D%2C%7B%22sd%22%3A%22waldo-tag-10321%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x250FX_4%22%7D%2C%7B%22sd%22%3A%22waldo-tag-10646%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia728x90FS_2%22%7D%2C%7B%22sd%22%3A%22waldo-tag-11040%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x600FX_1%22%7D%2C%7B%22sd%22%3A%22waldo-tag-12170%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x250FX_5%22%7D%2C%7B%22sd%22%3A%22waldo-tag-12171%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22124067137%2C21872898416%2Femojipedia300x600FX_2%22%7D%5D&pubid=094e2c86-72d9-47d6-a647-d95ce39ad4c7&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.198.4 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-198-4.fra2.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: F3J7VJGK0ZDHYC7XZ0C0
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://emojipedia.org
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: w5pjrvV0x1S1KyMK6E4Bw4NMWauMPtT2A4OVapdBD9ag69c3Hdda9g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
8ms XHR
application/javascript 13.224.198.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.198.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-198-4.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 6335
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Tue, 30 Nov 2021 03:20:30 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Uhnos6Pkeuue452PeMkgAJSJh3QkAMwAzxDVAl63FrXbGDbUaGzGSg==

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 29ms
15ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 30 Nov 2021 05:06:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 95 B
114 B 30ms
15ms XHR
application/json 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=emojipedia.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

456d9df6b2a652d0f54f0287bb107b94d4c276b15edb9b97daca5b26c2fd9efc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89
x-xss-protection: 0
expires: Tue, 30 Nov 2021 05:06:04 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 27ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=26796539&t=pageview&_s=1&dl=https%3A%2F%2Femojipedia.org%2Fsnowflake%2F&ul=en-us&de=UTF-8&dt=%E2%9D%84%EF%B8%8F%20Snowflake%20Emoji&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=850321009&gjid=1591432667&cid=2147064578.1638248764&tid=UA-43649623-1&_gid=64249564.1638248764&_r=1&_slc=1&z=730193936

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://emojipedia.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 71 KB
22 KB 38ms
17ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1020897
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txb7759551935d45a2a147f-0061961d52
x-amz-id-2: txb7759551935d45a2a147f-0061961d52
last-modified: Thu, 18 Nov 2021 09:29:40 GMT
server: cloudflare
etag: W/"ade00d0c7876260b60ee0cd4912d02bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WwamvADGL4fKIE5p5qYkB3HGbTUAUU1qAVHswYtm9k44JY0XvzSpcAml0wJ1T6DHZf1oDbxfCeM%2FV5IXNkigr%2FKl1560YwEtSQqqvGLnWbWpWyzns2Pd%2FsmimCXPm7JUw%2FNjy9Vj8%2BqyGSzg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1637227779984125
cf-ray: 6b618b58bfae2b1e-FRA
access-control-allow-headers: Authorization

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/751e4177-1659-409b-8176-45ccd0adeaff/e0397f92-d6e8-46b8-9a16-0d2a09450f74/ 115 KB
20 KB 17ms
17ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/751e4177-1659-409b-8176-45ccd0adeaff/e0397f92-d6e8-46b8-9a16-0d2a09450f74/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1d5c34e467b28678e5991174197c0ed1391df1e2d9ba260b4492849c6bcad05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: yi9kCz6xewK5Qv5Fp+bIvg==
age: 10608
vary: Accept-Encoding
content-length: 19856
x-ms-lease-status: unlocked
last-modified: Mon, 11 Oct 2021 12:12:05 GMT
server: cloudflare
etag: 0x8D98CB05778E940
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 8f100fc5-901e-017e-0c38-bf017c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b618b58ba005b4a-FRA
expires: Tue, 30 Nov 2021 09:06:04 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 43ms
13ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-43649623-1&cid=2147064578.1638248764&jid=850321009&gjid=1591432667&_gid=64249564.1638248764&_u=IEBAAEAAAAAAAC~&z=1102704731

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 30 Nov 2021 05:06:04 GMT
content-type: text/plain
access-control-allow-origin: https://emojipedia.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 13 KB
3 KB 14ms
14ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: r7t3xbAZ3QK/7lQuu5X7ww==
age: 2967935
vary: Accept-Encoding
content-length: 2950
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:51 GMT
server: cloudflare
etag: 0x8D96DBF68EC8D5B
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 46effa15-001e-00fc-7ea9-cae679000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b618b590a515b4a-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.23.0/assets/v2/ 47 KB
11 KB 12ms
12ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59415c8f1106151e421f5a3e46e8f8aca679ea9cefba5eb1d386ca0381d48c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: +0xPzL52AeUkZsqLfWvieg==
age: 3646651
vary: Accept-Encoding
content-length: 11387
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:53 GMT
server: cloudflare
etag: 0x8D96DBF69F1D28E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: c3d3f22d-901e-015c-0a6c-c46f4a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b618b590a525b4a-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 20 KB
4 KB 15ms
15ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 3646649
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:12:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: db151a6a-c01e-000f-746c-c43510000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6b618b590a545b4a-FRA

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 37ms
16ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=emojipedia.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 05:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
34 KB 425ms
425ms XHR
text/plain 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2529958347704751&correlator=4438306886917487&output=ldjh&impl=fifs&eid=31060439%2C31063256%2C44748552&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211130&iu_parts=124067137%3A21872898416%2Cemojipedia728x90FS_1%2Cemojipedia300x250FX_1%2Cemojipedia300x250FX_2%2Cemojipedia300x250FX_5%2Cemojipedia300x600FX_2%2Cemojipedia_video_unit&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x600%2C566x387&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D9560a6a0f7de78%26hb_bidder%3Dix%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D10105e4143225b3e%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.06%26hb_adid%3D94b850b67fb470e%26hb_bidder%3Dix%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x250%26hb_pb%3D0.04%26hb_adid%3D103bb1c8c105f571%26hb_bidder%3Dappnexus%7Camznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_source%3Dclient%26hb_size%3D300x600%26hb_pb%3D0.08%26hb_adid%3D987780321b3cdfa%26hb_bidder%3Dtriplelift%7C&eri=1&cust_params=adx_account%3Dnewor_media_adx%26ob_appnexus%3D1%26ob_ix%3D1%26ob_justpremium%3D1%26ob_medianet%3D1%26ob_openx%3D1%26ob_pubmatic%3D1%26ob_rubicon%3D1%26ob_sovrn%3D1%26ob_triplelift%3D1%26universal_passback%3Dyes&cookie_enabled=1&bc=31&abxe=1&lmt=1638248764&dt=1638248764814&dlt=1638248763957&idt=338&frm=20&biw=1600&bih=1200&oid=2&adxs=436%2C975%2C460%2C975%2C975%2C-9&adys=188%2C673%2C5840%2C1512%2C3162%2C-9&adks=2220004319%2C804184230%2C1750055895%2C3329957131%2C1656295031%2C1615582414&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Femojipedia.org%2Fsnowflake%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90%7C300x250%7C620x250%7C300x250%7C300x600%7C0x-1&msz=1600x90%7C300x250%7C620x250%7C300x250%7C300x600%7C0x-1&ga_vid=2147064578.1638248764&ga_sid=1638248765&ga_hid=26796539&ga_fc=true&fws=0%2C0%2C0%2C0%2C0%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

4dbd7d63a7c8adc02847f5ecba558c5df122eb556ec67a805f2c952a1bd340e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35226
x-xss-protection: 0
google-lineitem-id: -1,-1,4688771952,-1,-1,5816047182
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,138234550424,-1,-1,138368347536
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://emojipedia.org
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2D16 6 KB
4 KB 63ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 05:06:04 GMT
expires: Wed, 30 Nov 2022 05:06:04 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A399 6 KB
3 KB 22ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 05:06:04 GMT
expires: Wed, 30 Nov 2022 05:06:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8201 6 KB
3 KB 13ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 05:06:04 GMT
expires: Wed, 30 Nov 2022 05:06:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7788 0
0 42ms
42ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKA3CdQX7E-Wi6nixWgH2JxYafUCj0KcUmTgXxlrD2TlD2F_hF9ZjKIEtMWlmLSVQMUZeu6sUR8AzDLYPnANYvpP1KMsAAmBZRaWzDPRMMxDF8SuKjbYVobXjg-nmiNq1mjL1863v_VGoRd2T6svNNWj3iBp7HkMQJ2HNrvNheD7_1FsGeQ06a-hRWqT1XIu_oudgwPUhIs13GrUoH3bSLW4R-p7FtFLaSADjm7suHYkfEht9aoG8fgcINftmml2YHNJSSxzT1j616POVcytsb47W_7O31icZorjySrRNv7am5I1VsiGjzB7eI17OhCJfNWRU&sai=AMfl-YQkjtmpfssABzVWgdQeXbADgnI6xyJueOnL_w0pqarSAW8S1TuK-UC7MME8-CsaRtJpB8lmAmSuuHeYDISjfrDLiqhu7ZK2sPELcArsVfIxNuA_4gfR48puORh_2Dw&sig=Cg0ArKJSzPBLBPes9b8-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 05:06:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 30 Nov 2021 05:06:05 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 7788 26 KB
9 KB 33ms
16ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c2210f87e564b9f117ad40e2cb2f666828d11dbb947bc4304e368b9d5e247ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 29885
x-jsd-version: 1.12.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19169-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"682b-PM7TIXX2mG/XvjIIwb9PtOhKkw4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6b618b5f1f0a05d0-FRA

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7788 119 KB
37 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 05:06:05 GMT

GET
H3 200 container.html Show response
1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BABE 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 30 Nov 2021 05:06:04 GMT
expires: Wed, 30 Nov 2022 05:06:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame F30D 189 KB
55 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 218673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 27 Nov 2022 16:21:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame F30D 13 KB
5 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 218673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 27 Nov 2022 16:21:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame F30D 89 KB
28 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 218673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 27 Nov 2022 16:21:32 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame F30D 5 KB
2 KB 45ms
20ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 218673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 27 Nov 2022 16:21:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame F30D 40 KB
13 KB 46ms
21ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gptprebidnative/202111171629/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 218673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Sat, 27 Nov 2021 16:21:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 27 Nov 2022 16:21:32 GMT

GET
DATA 200
OK truncated
/ Frame F30D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa08dbbcc830489ed672dcdbf6e17e4b2e90ab3ba1c02ff55b0fe904b7ad06d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 8292705440596504899
tpc.googlesyndication.com/simgad/ Frame F30D 107 KB
108 KB 8ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8292705440596504899?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlBAkYQ9iRFQfunIYjmFamsl2HUKQ

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce763c8929720540f8cacb2b8a29fbc2bf49bf4e9b2553c31e0037fd3e211ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 12:16:55 GMT
x-content-type-options: nosniff
age: 406150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109822
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 11:17:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 25 Nov 2022 12:16:55 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F30D 2 KB
3 KB 15ms
14ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 09:41:39 GMT
x-content-type-options: nosniff
server: cafe
age: 69866
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 30 Nov 2021 09:41:39 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F30D 295 B
520 B 7ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 69180
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 30 Nov 2021 09:53:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F30D 0
0 31ms
30ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdXXfPLGlYeq5NYWB7_UPh6ey0Au5z5TsZrj8nqjSDpaCzYWIFhABINW0mXtgldqggrAHoAGHg7_3A8gBAuACAKgDAcgDCKoE8wFP0GK7E43ZY3yFfQevdXvxMO8qPR8aRKaReqQz-xuLYJS-ubAUNLgxNZImaTlw64w25P3RvGrVjbGj084JQ4oLDLOqdWUxTRL0wIazY1ENoQ_AVO-MQHEkViieFygRk0ZN5WJl_U7mWPcC3VO82xytmTjn3TST7Io1bjNlO0dkICRiUPAf0i5bwzK-uqlBHOGiM2afAuJw9UnXgTmdYkgPneW6CfZrDf0uZ7-XnOt4_qYq0zo8Jpxbrh0Hgzz4f-kE-uZtnu_uQM96YbwZO0FsafJJMG48JgPCJ3rS0mMe4wRHrL1tmSE29sW1d9MP8ziLu1rABO7V34XfA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAemu_6FAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELSWBtIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tMjE5MDYyODE2MzA3Nzg4N4AKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi00NjQxNjA4NzExOTc5MDkxGKHYGQ&sigh=ZqH3UakRc9w&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 7788 896 B
1 KB 57ms
17ms Script
text/javascript 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=43756538;rtbwp=YaWxPAAAAAAp2FMZeKQ5AFGlWp4OYHFdsygFNw;rtbdata=bN-gJ_rN8wUgLWUCuGyN-DFJ7Uu42rj1fC1leQ6jV-9u1n9Pi7ptX4UUH2ZpjO4q8XLp8x7u8wrPK9DzMQSLOpO43RyFXdQbTL3TGteOXVG-jyY5em4Iu49xDhsJHZlVOwBg4JH5lN_--QfxShaGNWq9rVoZoZn3P2EJYgA2c6R8cY-xTn20j7u_o8G4E2Bj4QoIufifaHMVz6V_9fcrJW44LSW6KU4VgIjETMfMv581

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e681ee3094058ec06bd8672e67d06a5335f6a95457cf9dbb0a233cb1704a21f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 776
expires: -1

GET
H/1.1 200
OK v1
a3173.casalemedia.com/impression/ Frame 7788 43 B
303 B 45ms
7ms Image
image/gif 185.170.61.74
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a3173.casalemedia.com/impression/v1?bidID=ad7cdb67-164e-48ef-b103-d32b1244dba6&traceID=c6ir2f3ih10fsrq67qu0&dspID=111&userID=&cmpro=0&ap=0.07
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.61.74 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:05 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=100
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 7788 68 B
345 B 49ms
11ms Image
image/png 18.159.156.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_YmJkdk9BSm5xSC1JZGZmZ25fMDJDMkN5eF9FL2l4OjMwMHgyNTA=&v=5&s=v31flnjoltc&id=eyJwcmViaWQiOnsiYWRJZCI6Ijk0Yjg1MGI2N2ZiNDcwZSIsImNwbSI6MC4wNywicyI6IndhbGRvLXRhZy0xMDIxMiIsInNyYyI6ImNsaWVudCJ9LCJ0cF9jcmlkIjoiUEI6aXg7MjEwMDI5MTgiLCJhZG9tYWluIjoidmlkZW9zbG90cy5jb20ifQ%3D%3D&sb=undefined&cb=8445971&h=emojipedia.org&d=eyJ3aCI6IlltSmtkazlCU201eFNDMUpaR1ptWjI1Zk1ESkRNa041ZUY5RkwybDRPak13TUhneU5UQT0iLCJ3ZCI6eyJrIjp7ImhiX2JpZGRlciI6WyJpeCJdLCJoYl9zaXplIjpbIjMwMHgyNTAiXX19LCJ3ciI6MH0=
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.156.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-156-184.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:05 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 738D 624 B
340 B 39ms
17ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhi5rtGYATAB&v=APEucNVT8g7vyWMZiFswkxjtWezhQPMUCs1XgMGNJRdg7gonbvEUt9k880yZH2raDWtH17BbjfYZ4Z6UoW-bMcSiJLa60G6AsiUX6_X2cyJ-Xh8FijuDZYWnSokiDlQG23INJAzFAyjnYd3uIAI_Jevl1l0rLvpXjJluqBPg5JU_UAIASZ6V8jY

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 30 Nov 2021 05:06:05 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8201 55 KB
28 KB 62ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DuIojr0G9iYy1XoVuYoBIbIdrapm7HuZLs_Kc2ooSzr5s60rnvQ6w7JO7F6TeAHDwYhsJR7fURFe_oXlBoSsgtxQuQ3lpGREVrnBElnDPnyDK6ULfqycgYGnVhYOskqOMpTOsINQ4IBz1c8bSaBn_3Ib1Aeg&dbm_d=AKAmf-DEju8hOlFhB7virpsfEiio3Fbi_WbDur_N6ss4NA1KbYi3HRq2t5N1IIMb4RH_8J7tLRJZcuDQ8F1s9PjOCZDSmZtmVJjjwE2aB-kScNHNs8_19Eg6hEUvVb-JDB7vT-Qe_IoKggXP1mjA-tQr93k2D7gGJ8p-2KibsTo3tLTVAHtfBSVfpw605RyuXtcji8Mwfp7rdlO8TEEj4Esji3DJGDT_byRYKR_tFLk78kWzkFWjAQiVJFVcot7AgVWLIL5y0uITn0Prmyotx_GRyWUAoy9txtr7HeVf1gr2xpKwlGr3pP1REkJx6trniBTU_NcM5MJGUjLbu7UxGqfCw4eJ5LpAiZslZJhRZkv2ooqYwj-Q0LolnMclAY2bzEPuaQHBL4Nhz21KcMUyk-nIgFtr0sL1PIVynwnSj4p_7bTPdddNRtpwTTdiCK_vrzqUzuMKPrya69egdo3CEjmFNH5H9Dp2lkXrQq6Fq8LDClhc3jclT_n8S_Dan11SHQ9KYDp6ygCK8MHAqOGtW_oEqOz8amWl79zJ3SjM00CUkBaaxe27Oazy5j_j2k7sfjfXG6b7t0eB4ey63NjKHL_tpca-QhgIHTs0xTQ_K2qUDtABmisveJx6D1uS_x3ORb2NyXiHibaxLanKiW_2OH08CoGJcgVHYnyQZpGr2DM5Vz1lEODs0beHXas9eZz2pjO4QngZzp0hVvbhLMJiLiDZaW2dUEd1pyW-2fbYWSxaeI0rOdSzNIELMO7iZRyjPoQu4zvlTG6zwRisk4aZrPKaUT_ozUU4hivHvbNrBFGXmkPa_QzRslmIqDKE3TsHqNAedtNjQ5vsOaNHjpVpiKHAjX1RkubmTzJnYKzrldloAW76KRFW68Ws-ttKCi27rkSB_MZl4v-5klKoll0vvrF63Hc_t2QmZjbLkvN_CEX1UbVx66uUBgU5x0MDC-eDCaCY6nc4cVmnusC7iE8RFI4VKjSa-UiNGWeZKZrvfZ7-mvPDSWn2ZFezcNfIt_aVlAlc1WXy4_6oFhrfLXbixRHbsWFo_NUIidMlD0hBU_uoJHTdq3dv1qcHfKf1NANb1SnIm8J7_vagj7LO79Hv91J81mNDwSiPR4MY3ohPu4o7tyWTIVWMvY1U22EHcvwc-RDzRwqyojoIqymp_KmaTpQotNQaBBgGxVT1XpZkLvgSpXOa4b6igAPHtiLWOt__7UlmLbSjmMkLz2u_O01PxBf_SydFwQ1rGhIh5qZL8jsT7OZnSlObF-DK-VQQl_leYdQdUb0dc3em3giENMfnu68Z4ds4UWwsa4IwH3ZrXmSj7rkr3rgxIiUNLRGIQ7Hqz9NO5at7__y4kuxvToayyptGXPQmfeMXEQm07h_jtGw8liJ85StnRblR3SfAGL4CYqoo7qes14EB_mYy3IqDfEaD4gM8tVfHIX5qJ-6Z9hU04wka3wSPq-E9vWjsi_fo2aEoocBymbYynJLgFIEeqpjC24-qpO3RftEongXPugRH5QtYw521F7jg3CjaZOTYZIf_PdMXgaNdc7HH5MCM28nlsO6asUTHrKiaGqr1rXrdTVW5vM8_A9HqLj_s7pLcrY-geZh9jzfv7cvP7akzSfGXnBjf3pzcOBXhheP1xV0xNg9Ipekzz2CO00M_sWDIy76cMgo5GqXk4s_hD-Dmd3UANHgKMXSJivJySbvvoEj9NMGaKRn8F8PcsPKTsep4ru7wEu8tSFbbLF2eqwtXS-1xnSoYp7MDYXHFyJxB2WL7XdnTgnhEgVsBfCsZHMmrbuZzN1NLXgGLgyEO3mjEUWBCfK0uTkUu2kn4dygfNtpYE6iz7IIBH0P8uUKAEKETfSr8k_vCPBhubUbRUjKuJ0fMh71juEOVG0nwDKx6k6Dq1SDKQoby9-VCfWcXwjEIguhTfKGG3evBnc4zSfe8OQXWvREZKT6Av4THOvUNEeO2mrfuMq3rk78zCUzfrz3Zg0PvaJRXFS_mS8xXxLpzB3NHx1IYC6_db2sCeF51cFaoV8nZpE_W0J-7NvJvtiATK_f7ZDfvTnwqPT7bF_juj6e_5cWWPhmFUxKU9U7aZD6lu0_oOjN9Gi-0pqBs6mgWH8FEIQAszFyA_iIzHXrtAwWPt5TJzw3MauBYkEspi2-gjRIN-J92QCw2knvFfOJ3UwPc7Hxc8TY-diVinBtry9VDBK_2gHLn1la4438KIvgZ51rJegj6azKjz7yt7mgqUIWUt8mgjFnM0lvbVxcBxULee7rwROt5iaY86cMyBBMZtUNDzfos3c6zGjgfTvcq_TVYNscbDTyGjyiqc8jep_qdRhaWlNe2MYn9OCEG9X-1pdGNvSwzaDw9CXZQMlkhbD_ZgqGE6c4ITddUiCl-PPPpTYaGED43vOMDzm9HXYo61vYSiyL2SmcjMKw4S6by6Pk2ShlnZUmXFNn_5Lr04OEpSEpHLjHOYtL_MFsEDaFbeNjcdvjEmj8BU-SnwlCx5l1Vo4sXUGDEfaWfAPkdobexzbeTfrSkcZRuy_aWyiKhQUWLGx2L_4tAfX4u4HVeKuX3TbvhD1atDGoIRlvRhpADuT5OmWQaAy81fNrFsQjt5zehOGQv6LTFEvzjBzSSelR8MXWpcCwUWJSDHLP3im3eWtuBzeVYcOzoemxrR0ZUguQF7aiKzydZ-cuKAD71zawGcnMJiJs44PvcNbnrz6Nm3uvMpg_3aOZzt7Tuv5Kc0QuGkIBbfYQlGhs8-QQuxu1NKwUZhl6T3xkJaWY1xkd0vRjvWdqgeGa12E_W90DRWW8zA6DiX_xc6L-nqJJpls51R7risXsUQB0GKLqaDi8JTEDhDg_1ku1MQIULWRP8BorcqK0H7DEI5peXSCVizuXHB6CZ1ZxHMJJrYuKtokoy6BZqDl-dvc7h8nqJgA9g5LQlYRK90KkhpWqyo3Gv4Lo_XEeShXgicaW7KeYivffb1dlUfUPIGBv12tQCvzQM4Okq-jUCNoim03kqY_sxP9eNVgjsa7ry2BPC1i0HU9XIJoKUoejpdTly6Yro3kceASO486e4tCQ2Be-jDuDucpZW88xOBW9jUp5G3H07dQhA-fPI5lwRQOdymk01iyKK2h_uMxguR4hubnzNV6T1_GjF7SLcLwBQ-OGyn5K1pn67HTfaqLKz7af6l2BFrD1aU3sEfuR-NVSfxD6HMrMsgGVcrOMPbiuFi2V9kA183ML2DbCNj5mFLjWKHEHZGA1ZJA9Xgz0nSZM-6cGafk4i3WU9hcC746eX&cid=CAASFeRoRsazHV1fG0YdYkpswMvetPPnUA&rfl=1%2Chttps%253A%252F%252Femojipedia.org%242%2Chttps%253A%252F%252F1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56339af04b2b4fd9ae092f869e91f8d624f84377c345344cd54cacf93a970a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28067
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8201 42 B
494 B 62ms
39ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DrpogioRRoxhXOUohvTuzEXSRJAgOdX570QkGjbQjXMez0oVFVjtRVxfeUV-w_0gb5S99i794SBb07KufWx0fhpZQxKIvFOUr5Ipdl0dB_bPSi4nE

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8201 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 04:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 04:26:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8201 119 KB
36 KB 46ms
31ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 05:06:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 8201 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 05:00:59 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame 8201 68 B
345 B 26ms
11ms Image
image/png 18.159.156.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_YmJkdk9BSm5xSC1JZGZmZ25fMDJDMkN5eF9FLzIzMjQwMTE5MDk6MzAweDI1MA==&v=5&s=v31flnjolu5&id=eyJkZnAiOnsiYWQiOjQ1Nzc0MzI4NzEsImMiOm51bGwsImwiOjAsIm8iOjIzMjQwMTE5MDksIkEiOiIvMTI0MDY3MTM3LDIxODcyODk4NDE2L2Vtb2ppcGVkaWEzMDB4MjUwRlhfMSIsInkiOjIzMzk4MCwiY28iOjAsInMiOiJ3YWxkby10YWctMTAyMTEifX0%3D&sb=undefined&cb=5365168&h=emojipedia.org&d=eyJ3aCI6IlltSmtkazlCU201eFNDMUpaR1ptWjI1Zk1ESkRNa041ZUY5Rkx6SXpNalF3TVRFNU1EazZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzI0MDExOTA5LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.156.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-156-184.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:05 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F49B 624 B
733 B 30ms
17ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYgc3UuQEwAQ&v=APEucNWD6vBAvf9PV33ZYtxYhI55wZPzovIWz0BLDr3ZxAX2XrX33j820wlVD7-VTOyQbiwReqHbvJ_n-emVw2Cpr_3_fBqtLUlu1Y_PeCZnrWwhmWp25PwVnLd6L-ppRJuJe-gt9ugn_fyh27wiCC0dsyGlLBzjWmcOQFUM5kSy8x0TOChUI7Y

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 30 Nov 2021 05:06:05 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A399 25 KB
15 KB 61ms
48ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHtizRIg75OTLuUcVgABrMjAasaqj51qciokHWgg1ZRsKjGFLi5_1pdQp1oAGFTW_9btjOzkXa-pyILsm7-F5SBNNoOZljGOnZYoKWXWbiR_syfyQuLqP9eXXC5JL3GNMQyKQx4DZ4Wr1mrol0FthA7ytHFA&cry=1&dbm_d=AKAmf-AUytijPyU9CsiHgfCiQ7YwChTlB_puSEjJzxlhI2PlUFEUW-PckertSNOK6x1VFaroHFN5MoLqRBILUiMe1_-K-LqwJPJZlL5InouAEtt9CaK3vCjdZze4niGrfoVT_iGgbtUlytmOrk7qkE8RdYDYxz8oPiLDxSrBWGLPAN8eJfJAb7iybvIkWsno72V3bz92ufKnK-k4_WuiXs7QDLbJxnIIdv9DcvYrcmX0B6W4NSSlRTLnXAStDQ6PWAXQNVOwMDN-gVtocyuQqDQlhpnrEAaIF_d4r2AWyenA-CEj4jpURZVexQIyuY3YC-C1GGdt4k749sorLvXU6VYZgBuy7XBsaiebRnIPibCiL7kt-USipdvnVwEXGIEjlrh18RY6fVCtZUMTr6Z9LRjVMVZ_uSVKbKITZb3ZAXHthEyPnA6jF3o_KoBPBvoZwzRk-fbx8wbmwmlGWQ4XFjJ-F1Hh6wPgu5hxWA5-z1h7BuSmJKaPF8Q8QGFTg6zRBC6bQwVrg0FQ5GJJyeNWt7Tz6VxDuojaChMXehCw3dTgzPXYyfJ8kVVyDWLmcdy7BlGUvcQTnxRpca9B6k_HQJhSMoI6qdP2zIDi_sc3zeo7zrh_XdxbKjvmF1Eyjyzl8Dz-KepnBmGzFHmBZYew2YdFA5YABGn3phT9O8ZcgdivkU5nUMeqkN_GB6JnbBVB9rNSoeVQsjPqV5DK8ihlP-xBPFkf-VcdygLRZqZwTvcjjQXzlATW59vxKpRQmsHCEDO8bbw211nOPwl5-IfHjanMWdSE_H9qHLBtj3e9VjzxNvq9lHZk7dQAhJ6Aljlga--mvwqFOOq7h3IWZaxToJ8HU76BWnSXa3IVxZg5Y0G9YFKhJFbb5rlHOpNfSYYVClMW99IutdioLqONtUj2zfox0Zsy_eu8P3ZtJlOMQWpXy0hX2b65la8vAbZIcnffXqiOk2lVIGdLYot1YSxLIbXAVhCB2Mx3wEZR5tu2FpGW_wLe1DR6pxJk21KeeHUjYbMyWgCV1-vxdA4u6Ta8FReEnB3G284__sibRuxF-YIoxhs7GtGgR5uLg2qlLMXiU1aOCb8_Aet8D-huyLPtboZq7hXunqateQUQutwxfOPQ5mxM5zaIuVgAt-lqYdn2fKEhtIjoDYHMkB_0SMIx_edJHI0coeqsTJLhqoj-QIEPg_uwNxgK-5Zk8B0QlwvcxUdEjWK3r-xnaU1LeJIbdfOcEixM2mZo2yzsnWqZXzYadGItU6qUS358viN9z9OUs4f3OG1x6lqaw2UR3SdwFCQ78xcqnT7arl-ESCRQyKyDWaCvDZ10nIzZg2y0Cvj3wCkcBw3YX19KL9WPbFaP_pTpqPxT14W0ThBYkjHtHwBvsfOI3biO70jY8B_2jg_arOO5g54UihBQMzrmuKMpzK2wTcuoC-0Fj6HMMqj0fl0s0gVlq0bvcfH9pmBrbFJLaElOtLi27JBFw5QN-O2QAr9OU7gEahr9G1r0YzV0LN-4jMjQ4DHR4k3azfBOE2lgvdw08Fy4_Tn9ct1dESHoHVWzznyfXwoTAB3Q-aFIRLyJszH22aKxmeMgLizk8Z_FfhA4-4EGMT0qpmhBAa09bsor-jfMVp5dpu6pgiefGMjt0en-d1fdtwGiAMhOzgoj2suHceQFjEBZXKyTgwe_mmZx5BQ28x-g4t3SbOymO_Y2yi81t6T3LgKNSaQ0Yu1k01XYOvT3ZduPXcrbXzcwOec22xHGCI112NtLBeIwLB4GhFhwVTG-m8GDdFDP3l1l_kodZye8Gm-KrKUOdeiKDNAhrGoY7UHjXBhIht0EFnwHGh20XmIKv976u5Xz0mcvtFicxzI8FG_SxSy4RDXZoKH2BHN_d0kQrtW4O7vtJz3H-MUtLom4jqvdkYE4nSnWKR1fQQ9A-yU1_acy0AHAWDxRnQj6ouqOiY3x2QTCpCGaWzCxZKPNdcnqUDF_3C16q9wU3qA4UtznIMx0ahAR-9YQyneLZvkzDAHDlkoNXeBf3Xdzmt6_SRTKjcsFTqsDDWnuwgBdcwB10Kc9iZNH9NcatDCWhGQjI5xkEizwW0JW0ULFHd2360fEHSHZRICFA0ZkT5Z3Nz6R7NkfM0vcGo_kkNLXs1c4QwmxxFWeCQ_x9ZwEGCZMec8RVUsrTFnFcTosGeZrQr_5k4LG-du303yTHd7Y5_r_3VaicrChpFJTyRqsaIGhRg2NmxUYFwaH-LpgYcGDRGSLWEVvZVCGazJVCpRhLGikWdQpfxUXknaFmfoK5g7KzWbf-SuzavxQHWMPUX3N98laXmlW3vT7INl3Fqlemu5nX_P02VYCTmY60t4peumzeOH9dpw_R0rU9cU9q03Ghr4HyC9ww-wtBD0xkA5jdsWO28ICL2ijhZ487lC53NSZL51oQP4fHpPKPjP25NLrFpswdDWCvBPHbr7O6NJDKqSMeA32fh38KuXYm88rtQNtGpfafiicrdGr8AG1d9RtvgXRD9ebW6hTMwRpiKBBcRStVA868rzZu7zMgBoc2wQjwv3OIe5UYUOBC2u1xv1ysAgip1sFSOWLrjcTivnj989GqV9ImQiG7RddYb9vpIxDZyczypHMapg3xufijBhcb8QS_fwR-cNKmsRboWVxAIzKe9I7UwTEE40vVipsIDBbFNRnv2HwnQW9amElo845Xls8Uv24RxzIrc01eMVZlw8qWYOMwPn6fVUguFLXEGoUeh56l3jKTEFZNWA6PMuN_cNN0nh6-_7YTg0LUOPTV8-UmKQE02J4PqJYR4cRp79bLxwcQzzJo4vsnGMGn06OjbT1yIyNiRSnbQDcexiK-jHEgFxrb-tFQBSp6OpqP7iiGc_AzOvO9sNbksf3nFFz4LLoCsGuEOGfLCC6tZSDjwiLLK84n3dOC3msQTz0hf2RMt8XfzJibh784fRy3vccPttjetNVlbeu-mm9Ua57XiPTUi8gsEkkCU8N_U1GwFSrrBaz95Hp3yBYYLGhXchtNTDGQUzX2VzXa1RbjiqScxSLL90vKwa5hiDuXxg7vUsDZVeWj25Q3A6pod9spOdnRNCFobGT1gLxaOieCptlQzWDH7RrJI756hoLNpSDQFDCNYaY9r7h1bTcc2PQSALr2FSzU6P40wTrknHcZsn82ZfX_S7p_h64R6SMLPhsVGLxKH_nlq--IAYLOgU-bSaRZ6rk-1Arv_u9ArrPkgV1ZGuEI-QUQZRnRcoM_HHtmxnW6XuWr2DKNG9U7P-EZAPfNoXrmr8Kle2kgFbyUzkaRo27NIG1rVfv9ZSU2unWpBDnN2o&cid=CAASFeRofh_Godwsa9iq1dHY0yQRjrw03Q&rfl=1%2Chttps%253A%252F%252Femojipedia.org%242%2Chttps%253A%252F%252F1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

231ca1f9d7efc1b77f0a4c1a03d0234b45f93d6c4f356f5f725588c4f87c71d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14920
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A399 42 B
107 B 58ms
40ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANYGGAKtfKLsuMFQ0V9f49wQjxh_uUm-79bGuPPmFryLwm-4JUGOT_KEIMNazPJftyDyXaJR4_mLqtK5u3_CHrW-v85ThpXM_3HCXRUyF4BcA7CcM

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame A399 2 KB
3 KB 19ms
18ms Script
text/javascript 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=50753021;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=55644288&extPm=55644288&extCr=389359233&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CEpjSPLGlYea5NYWB7_UPh6ey0AujsL79ZbuPv_fcDrn20NnAHBABINW0mXtgldqggrAHoAGR_tGiA8gBCakCGfs6-a_wsj6oAwGqBOoBT9Bq-LxVRJADaagldE46mCS5Gdnwr9WeKo_LErCMyt4wySyVsW9IbtR-1NsoVENbfOqT6jbNjXWmnoSEjbu_hS0AkqjXG7Yq3H4695T-jK-Q2UtopbCu-XsYkEKi-7RWJLj63dUZA9G1dqT05vS-lt99s7Q1t69mpCy3G_L6DYv91mXSARkT2B2ZHPOCEXWL0NsPMfhskw0WflkMyPf48ybu9wQJVL36YTZMRaoxE_wA3lP_Pmg6XP7cYU60Zy2d4DG5_O6Q-GcgbztnAVIuJCD4mlb4lkg5pT2pLqX6oAEjMfFfNeEDn7I7wATQ8bXJ1QPgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTIxOTA2MjgxNjMwNzc4ODeACgOYCwHICwGADAGwE8WgsQ3IE6uJ790D0BMA2BMK2BQB0BUBgBcB&ae=1&num=1&cid=CAASFeRofh_Godwsa9iq1dHY0yQRjrw03Q&sig=AOD64_3JbedZRjhp7Wi4rgyJIjgT7_He8g&client=ca-pub-4641608711979091&dbm_c=AKAmf-CZY5-YB3tI09Yr7NOSHzBzvYeVqj98B00h9AciST3zn38bRjKZzSDYmdN00GYsrUysXEBnVNd3iJHt9aUYS-IYD-qCODHFRZuqV4NxRuilQ_XKaoFDfnMWwvKLcIOWu0VjN9f_2BCETXbqYYKIrAwyRi9G6A&cry=1&dbm_d=AKAmf-A2EhYSeZr9l7wCfJkFu-IJjbspK45ER6mW9vgk6SyMLEvn7aFEsAkY_pGf_04z3uM05Nf4rQnseeZuXm539hn5iX7v_fzQ9pvTGgMqzFmrGFNWuYKKLS64z9EVmfBl89l7dTL71BU0-XgMQS_1E-TzcLJb0CLfQrWYGU2KC27xpH7eqQsnP5XsNotm4OWwM4c7cWfo1hLazrQfTZkWToSRcrkQOEUKVI1z30BfeqmgtKbq8Kez2fueQAlYzVVQ_BNF4yBi5UT07Ohpd_omTsumY1grL9MoPVToqOL1vpE11emPhouLFY1zQagBtl3tmFg_eV0knUjDhIuG4ROF3UEL-pcrMHC3NLMcL4w26yNLZR7kSzXllIxoAyhbHkORa6Xs4Ss6mqe72lKoa5PDkVJqjpDWOU2let5tSaw4SFl1FfXaD29p6jBc5w6HYBSVoGh8H5UIlPyLELrcwyi2CdL68kM6Nw&adurl=

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

70464da52145750387cd7735eb9929739076af4bc4822ad288e54e6db7434a8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2308
expires: -1

GET
H/1.1 200
OK ai.aspx Show response
m.exactag.com/ Frame A399 43 B
1 KB 65ms
18ms Script
image/gif 213.202.235.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=55644288&extPm=55644288&extCr=389359233&rnd=1638248764875750

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

213.202.235.9 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Di, 30 Nov 2021 05:06:05 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 30 Nov 2021 05:06:05 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1756
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame A399 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 04:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 04:26:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A399 119 KB
36 KB 25ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 05:06:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame A399 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 05:00:59 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D3E8 640 B
316 B 33ms
16ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXlD_GfxYp6N2-WpC2Ma4145LUXZTmzdrMs9giXOUweJ-a-qssLKa34thSKKDstXh6xfbz7XJ6S0WYbInl1hwHMaxvILMYMD8N1BeMt3bp0TiuNQqOnftY6M4Iwzp73ktExH51-O1qicuShQmEWTExU1MKJxEjiU8d5GKuuL82DPMMjJfo

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 30 Nov 2021 05:06:05 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame BABE 25 KB
15 KB 60ms
48ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AP7IcdQz_x1d3nz6BjfWf80N1aTUOmVkLk4PmMHD0oL97qTkJvb_Ysra4FfhIzG691WEWUsT898wzT7fVY-GOT8JItpDFUfEBznoCm2pI8LiNDXM8zlGmIEQ_MAfLy9BCv5YH-jUWn1dKzX2SsURw1gYmVIw&cry=1&dbm_d=AKAmf-DqvL7mBjKbiuIbZumUOG_QaZIPg-jc3YdVVFoo2fewxTm0AMochTsqTVGiNnq2UzOeD-ePENECXp-97cxRo-xBz3nimbTdyFLSJB5lYSfPmFflvPxzuqqITIzglQsZzWQpi-zxrDoJM0gnVI8TQlbYC8ifsJ7P_Ah7HjwJGMjdu-YdEvVsiKD-u9RSY6QMRE4myhC8agkY1hB2kSjXChxKhteI9cJX-POneP5csZXeah04PBazcX6EVwDJ9biCBpzEAhj4RJm7dX42gZjGIso-E8Kbv8uFcP_u2Sl-qmj2bQV4A5tHKE3Ts06uqjJwMUtKMOC69pVUOqdu-VHBxCOvqRAWGsIN75bn93o6ebotGq1F_J2vwR2iJALvukVg-AmO8GLwbtG8HqHoqq05fEi9_tAAFnGpudCJP2LmsjrxVTTFmFivoXapKO7MVaL6a8HI0yX9ZLGKWIhV9oswCw7mQ-fxO5s9nR21IaRtJ1X3b_FPJ6PmiqiLZTVaDblMAb4wcQ1VA545gMxE_vyKettcidntxDYHEQy-2bAkne_g9Aqy_kJ1gMsg8TlnsXa_5h_KbVsT1THIuRNyQ_1x5zJBy2RWS2bQXVMmcTibhXbSddhExtdVnq12u3VF37HusLcTdfVoCnnvN6C3zQxyShzMhGDHqfU6tcOXp68uxWypzgMsKYK52XeVcEEnSufi5ISRFFkox6rpOq3PtQ_apz8NC7ILVyDc7ybRR-04Uldy-Q6v4K4IilgIhy6inC5F5w69uYLxOlO7PQOw2gkrglCDLpAyhMX8qWf6kfD5C7l3kxOj9UveM6S6ZYJEmvMIPgOxyb0LY5DLRL0Y9wQ-R70UqwdoMHiYladD8acK01n5IjO5oJ9PG7rD_dn-6-Xrpua2O7KYFJDu43LHSeOJ9LuhHreljijp2wxhls10-vM6onujdOGzX2wcMP8mi23K5cZ3rP73P9B9_O34FTrzITpuX6sO76TCUiw3agVS-G7XwXsR4DWIwmtXJ3jvobyD1uppAclseoQyAR7Ho-NH22ydFwWohLYGxZwukU4Pu826Bputk6cJekdj936GSfOK81F_7XpZF_SXHcNu9prKFy9ICYDX-DSd990HNXP05L3XYTrgmUrJjxMV0XecGPdmobjSQ3g5CJGy1WbbVNNFmPORtb3HV1dU7zSThMtrBY4mB255Ns-lCOvGX6Qs0QrUAQbDSD21LKacQMqYzf8lWj2gR60Hgz1MupOf6YHbMn9Isd6Q2eHNvDWX6L2CisEOshiNOqqDbCkLQ5ZHy-KbsNOMdC7EQzLOvKDmhehxBac-E3IAw3Dqa7xvxySqK_xgagAlGLPcGSBIbcQ1jBX8NRnL3RLfTp-3TKc1RUPixeuu0ug1ZE2mIW3l6dvrzg0RS9hNh8-MCa1rpzHq6kSmDlDh8qOiIvwOdqbd3-OY0jyEZGdB_Cz9VIlZhbKvNrWQ6ZMqjr7KY_rr_gYgdHYpWJQrMbR5d8k10DY3j-KX4UkaszJmMUbvYsr7jAhtk9rTi7j1LSxKjAGTOEODR1qT4QvDsqQcID4ZSsjdVAlyEP6K6ATa9RZYgVGL2th-R1OJ2wjR9oJtKhKu4RySOtNK-393eY95BslvJnXFAle4Z2Vrzm6C4ReV7ln5XFtyjmH71uSVrZMJ-3uZdcqIJY8gFclXdn1Vfo8RGdufhUY7OqXBgaunmQKTXAqKV8hjqN-M_-wX5PT7p-ALFsvehl7OjSesjmZyQYBJoYrBs-I8DHfckFrqlOiRVakSyoRmszYhGc6D-jw2GLzPJUkAwAfMxQh8NP4ffzXQHeXrkLRxTinl2EhfnJz9F-WyMWyCg9Nj7FFA49PePq7_uJ_nwoUJFMGyvC2gf6EWclbI_Tb2ngxmsZbPaSiqt_HWlrMMCfTSqNPz6OPnL7DIGzjq4T4XQt9gj8LF3k3LohNZh-G1yyUyDO-phddTQgw6tHJta74A41mTNtXtuvy6fgU0XXBuPkgtq290Xuigmu875lXYloHYhXiY52YFb9pYwL-MSOGKEnIB7j16qRkfchcbmwu8pFEZzNxVYseTK6pkTsvKFwYpoVUZMnnyw95F0UWu9Nk6ZZVUyGsISG0viDGdPYicFZvsuOP39OOQVkLixNuzwh7UGr2_GC4l6y2WJWcYPFBzn7qsK1eY7bF31TGBO2x0hkjiJAyD829LIWktKAfLA9Wr0o1twwqH1EMajGfmLwY2Dp1SpCxUSzSio9fa7Ce9tePvEHCcg6qVTA93ILAR39uK9hp-8F3itk7UNgaEnRPOsY2tQRoly5xUNpeY1WHfQL3767Zmvx9eVpI7wdf49PCyjl74sbvgiKNhDh5XNmk5FnmRqLsYAJur8fnx7eG83H-OGZPCJoJOyawai07rdkrdCzPj-0egimcoJ93OwFhV60bTlVz3_CnLe7UVkWWwAfahJUzpR60X_4_D2WBOy7ilKa6mFDR18zXfiKEDE40l7VRWmvGgyQRmSdqxMYCtFhM0He_xj1IolcsYF3h0C-O9LY4yuE-Mqe9APf84BW_B3QgPKWzYsj2dPIG1TGQ82Z1h4NO42WWf1TuFyl77zH5aOI00tOaitWLil6Tb_vzWjke2ytLsbqUQXgru7alBr4W5o3HF4MQyCTVO2iaLiRG31-VfRpfigSf07PdNKWXSgGc776KfeUS5uN1kh_yzDJxN-eTREgNvkZQuQ6xcUneIp7K5XzE9pVBMpe23XiDgtb-BXeG3qHQr9WCZlVF0uFQV8g8SQ0MyTRH2adb-C6RsiFCc4IBm4_wkP8bpl46YHGqCLFZtd5sTvVWgoYNcabOcP44h56hvhTDgCbKj5iLHJa2y3yKtPal_Fo3bf2167lD0NexA_BLN0-iTBdZnOtwYw7kl3vPHwQcxp8aARQuSfrH50_wYJvNXLIq_GHJJJ58WGLtP51w0MgjNH3eA0Mgs7KZD5pPwtCNUhKi8m2upjXZjG712HJY8yKgwFYskzf5yHLXZP5wUewLvyjtbtug-psDCDne4RJU93GpOB6gpG46EBP2lPG8GQnZ59THU_abT258av0KlMRpl1Psb-X8BcLvDNyl01ANWfOeA2rlmeZqe6aOtLkz00lV1F0GVeBdtOoJvqyaR489cR35WNDKe7CB7f4I5zX2hHIpXpkdkuMgPLCqL_KAhbW7BCQPF9T1DTIgaSPVNWx5wANfASzqxDnpQTQ&cid=CAASFeRoNt2s1CHl6TWwVms1TtDaswZgDg&rfl=1%2Chttps%253A%252F%252Femojipedia.org%242%2Chttps%253A%252F%252F1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6e837a17a46511b553ab9e447be592e5acc02fd1f9f1c88d3177b3cd33fe10b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14936
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame BABE 42 B
107 B 39ms
38ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ApTexhcKDtOR45XZA5OLJLn1DfMgBKrmlEnMOb8PKIhU5QieyQoUsmSiUztB1W_UnKBXxdrUQaAp8AY5aS3_CfovCjQd5pZTIpCvdrU3TDBv25nOo

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame BABE 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 04:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 04:26:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BABE 119 KB
36 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 30 Nov 2021 05:06:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame BABE 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:00:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 05:00:59 GMT

GET
H/1.1 200
OK pixel
protected-by.clarium.io/ Frame BABE 68 B
345 B 11ms
11ms Image
image/png 18.159.156.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_YmJkdk9BSm5xSC1JZGZmZ25fMDJDMkN5eF9FLzIzMjQwMTE5MDk6MzAweDI1MA==&v=5&s=v31flnjolvc&id=eyJkZnAiOnsiYWQiOjQ1Nzc0MzI4NzEsImMiOm51bGwsImwiOjAsIm8iOjIzMjQwMTE5MDksIkEiOiIvMTI0MDY3MTM3LDIxODcyODk4NDE2L2Vtb2ppcGVkaWEzMDB4MjUwRlhfNSIsInkiOjIzMzk4MCwiY28iOjAsInMiOiJ3YWxkby10YWctMTIxNzAifX0%3D&sb=undefined&cb=9250875&h=emojipedia.org&d=eyJ3aCI6IlltSmtkazlCU201eFNDMUpaR1ptWjI1Zk1ESkRNa041ZUY5Rkx6SXpNalF3TVRFNU1EazZNekF3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMzI0MDExOTA5LCJ3IjoiMzAwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=
Requested by: Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.156.184 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-156-184.eu-central-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:05 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 68
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 7788 33 KB
16 KB 179ms
26ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 08:29:13 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame 8201 24 KB
9 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 05:02:33 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame 8201 8 KB
3 KB 18ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 04:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 04:56:29 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8201 0
377 B 58ms
54ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWvDy4TuNkn4MxsTFyPNdd_fiVJTRnzqGFnA374dAI6GyHK0LdU8qdzvrLxdBEMzJnTMad-kzDgI4T5uOuAuBQcfcxC5JFnMKsWquDe-y-QqdemIu7peQNAGdAMOOdijX8uSZlugoUQADJOuoPZh5SiIBFkgQqiMngcXhA_d_90Xb5OignaMhzK7NpE8UsRSD6QiBZhlwoCXLG0wyA181lJAD8Ds5oanZNm_DYIB7wLKFHg7jQMlZuXdXfhRtAlKqX1RzTb6tUq-NBQ-yp8gW5jHLx5XlGLPO1-lFFWfzIQFbpogxb8jxGuGA5LRq0Kdf0JRJhPiL0-mAB6XGHvOqJP8C1Q3ruBjAcYXs8A08hjxKhmf8-MOCqbYHsiIwDp0lgxwjC-vSTKt1nKMynxP6K8d3jM5IaMeYuUABjfppy9WlRossMAIM-gLsrPbJOFxFpd_2Rgi9hDiSWmIqCUmxzIGo_Z_p802lBw2co3Xare1-DmRtFkz-g3a7wOzFw20hkQwvfDHOBHBUhBqQ4eVEXWF1wSRke-A4XBbHQGmbl_K0V_0WgWhb85gRzueWbq9fQZ9ZWnv5B8ABZskgojJzifh2s876sI2gRWPssOGNBmp2c2SYE9mwXx4jIoFJQoE_HkO0bPOCRwO3E3m3ZE7g5DaNQu2-fNwN_kMsUBfyU8tSIcYMinscNKto32Tp4MClFWdV7IVEBwTEkbJATafsdvWuWLitJoQQCAa-yuKn5YXLPd13IEAct7vO_2V2ecYE-w_-0-Cz9RCNBT3HVeh7q1pYl_A3NAN6ZO-wEFzgBHT1jq-bDrG682f5f_w15zWtH5Q4xeyNCCmiA7Huj7vgOkOshR8p8X19LaFYQhC2T_ZI6sN4H74W0otV_bMhzSLimbX9UusRYO6BbfxQOoQp0f730N6LSwUjA3t7akBJTiKlOJ4Di7tQQW8OWu9FAKX94IoLfjnYYYyQAxgslmsdCorb-P99mCmBvlBdTS6LVQbQFfMP7Sx56uaR0kjAU48qqx9Ar9FgUe92ZBGTBhr2G93N8CwEnQPS7VOnZCb1gUUlzE7Uf34Iv1-It65SGIATkQzSImK2WMQW9-dsX75MXM0BOZqf8upiSMir3c-nGqg9-VkvaZkdqRH8GdqfLIUTSS7lm8exGYsB5ib6Hfr1AiPhL3iDmhIS2mCgTlTgTSUQE0yDI5A8eW4tqdiTXw-8&sai=AMfl-YSs9JWph-UE4cQSXGP7wnubhxqMwGp9Sntp4SS8koLGFf9Y3NCPiMchFNZFFPpyxeBIw1n2VDCZmsZgr_ECF-LMxuDm2nieDYLCN5X3WHb9iaLXAf8yRuQUiaxSvqRikDgvLlAB6bAbUqbQQlq7Fastf9n4IQk4rZPTAt8&sig=Cg0ArKJSzG_SP2DOCRJpEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211111.15669&adurl=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DuIojr0G9iYy1XoVuYoBIbIdrapm7HuZLs_Kc2ooSzr5s60rnvQ6w7JO7F6TeAHDwYhsJR7fURFe_oXlBoSsgtxQuQ3lpGREVrnBElnDPnyDK6ULfqycgYGnVhYOskqOMpTOsINQ4IBz1c8bSaBn_3Ib1Aeg&dbm_d=AKAmf-DEju8hOlFhB7virpsfEiio3Fbi_WbDur_N6ss4NA1KbYi3HRq2t5N1IIMb4RH_8J7tLRJZcuDQ8F1s9PjOCZDSmZtmVJjjwE2aB-kScNHNs8_19Eg6hEUvVb-JDB7vT-Qe_IoKggXP1mjA-tQr93k2D7gGJ8p-2KibsTo3tLTVAHtfBSVfpw605RyuXtcji8Mwfp7rdlO8TEEj4Esji3DJGDT_byRYKR_tFLk78kWzkFWjAQiVJFVcot7AgVWLIL5y0uITn0Prmyotx_GRyWUAoy9txtr7HeVf1gr2xpKwlGr3pP1REkJx6trniBTU_NcM5MJGUjLbu7UxGqfCw4eJ5LpAiZslZJhRZkv2ooqYwj-Q0LolnMclAY2bzEPuaQHBL4Nhz21KcMUyk-nIgFtr0sL1PIVynwnSj4p_7bTPdddNRtpwTTdiCK_vrzqUzuMKPrya69egdo3CEjmFNH5H9Dp2lkXrQq6Fq8LDClhc3jclT_n8S_Dan11SHQ9KYDp6ygCK8MHAqOGtW_oEqOz8amWl79zJ3SjM00CUkBaaxe27Oazy5j_j2k7sfjfXG6b7t0eB4ey63NjKHL_tpca-QhgIHTs0xTQ_K2qUDtABmisveJx6D1uS_x3ORb2NyXiHibaxLanKiW_2OH08CoGJcgVHYnyQZpGr2DM5Vz1lEODs0beHXas9eZz2pjO4QngZzp0hVvbhLMJiLiDZaW2dUEd1pyW-2fbYWSxaeI0rOdSzNIELMO7iZRyjPoQu4zvlTG6zwRisk4aZrPKaUT_ozUU4hivHvbNrBFGXmkPa_QzRslmIqDKE3TsHqNAedtNjQ5vsOaNHjpVpiKHAjX1RkubmTzJnYKzrldloAW76KRFW68Ws-ttKCi27rkSB_MZl4v-5klKoll0vvrF63Hc_t2QmZjbLkvN_CEX1UbVx66uUBgU5x0MDC-eDCaCY6nc4cVmnusC7iE8RFI4VKjSa-UiNGWeZKZrvfZ7-mvPDSWn2ZFezcNfIt_aVlAlc1WXy4_6oFhrfLXbixRHbsWFo_NUIidMlD0hBU_uoJHTdq3dv1qcHfKf1NANb1SnIm8J7_vagj7LO79Hv91J81mNDwSiPR4MY3ohPu4o7tyWTIVWMvY1U22EHcvwc-RDzRwqyojoIqymp_KmaTpQotNQaBBgGxVT1XpZkLvgSpXOa4b6igAPHtiLWOt__7UlmLbSjmMkLz2u_O01PxBf_SydFwQ1rGhIh5qZL8jsT7OZnSlObF-DK-VQQl_leYdQdUb0dc3em3giENMfnu68Z4ds4UWwsa4IwH3ZrXmSj7rkr3rgxIiUNLRGIQ7Hqz9NO5at7__y4kuxvToayyptGXPQmfeMXEQm07h_jtGw8liJ85StnRblR3SfAGL4CYqoo7qes14EB_mYy3IqDfEaD4gM8tVfHIX5qJ-6Z9hU04wka3wSPq-E9vWjsi_fo2aEoocBymbYynJLgFIEeqpjC24-qpO3RftEongXPugRH5QtYw521F7jg3CjaZOTYZIf_PdMXgaNdc7HH5MCM28nlsO6asUTHrKiaGqr1rXrdTVW5vM8_A9HqLj_s7pLcrY-geZh9jzfv7cvP7akzSfGXnBjf3pzcOBXhheP1xV0xNg9Ipekzz2CO00M_sWDIy76cMgo5GqXk4s_hD-Dmd3UANHgKMXSJivJySbvvoEj9NMGaKRn8F8PcsPKTsep4ru7wEu8tSFbbLF2eqwtXS-1xnSoYp7MDYXHFyJxB2WL7XdnTgnhEgVsBfCsZHMmrbuZzN1NLXgGLgyEO3mjEUWBCfK0uTkUu2kn4dygfNtpYE6iz7IIBH0P8uUKAEKETfSr8k_vCPBhubUbRUjKuJ0fMh71juEOVG0nwDKx6k6Dq1SDKQoby9-VCfWcXwjEIguhTfKGG3evBnc4zSfe8OQXWvREZKT6Av4THOvUNEeO2mrfuMq3rk78zCUzfrz3Zg0PvaJRXFS_mS8xXxLpzB3NHx1IYC6_db2sCeF51cFaoV8nZpE_W0J-7NvJvtiATK_f7ZDfvTnwqPT7bF_juj6e_5cWWPhmFUxKU9U7aZD6lu0_oOjN9Gi-0pqBs6mgWH8FEIQAszFyA_iIzHXrtAwWPt5TJzw3MauBYkEspi2-gjRIN-J92QCw2knvFfOJ3UwPc7Hxc8TY-diVinBtry9VDBK_2gHLn1la4438KIvgZ51rJegj6azKjz7yt7mgqUIWUt8mgjFnM0lvbVxcBxULee7rwROt5iaY86cMyBBMZtUNDzfos3c6zGjgfTvcq_TVYNscbDTyGjyiqc8jep_qdRhaWlNe2MYn9OCEG9X-1pdGNvSwzaDw9CXZQMlkhbD_ZgqGE6c4ITddUiCl-PPPpTYaGED43vOMDzm9HXYo61vYSiyL2SmcjMKw4S6by6Pk2ShlnZUmXFNn_5Lr04OEpSEpHLjHOYtL_MFsEDaFbeNjcdvjEmj8BU-SnwlCx5l1Vo4sXUGDEfaWfAPkdobexzbeTfrSkcZRuy_aWyiKhQUWLGx2L_4tAfX4u4HVeKuX3TbvhD1atDGoIRlvRhpADuT5OmWQaAy81fNrFsQjt5zehOGQv6LTFEvzjBzSSelR8MXWpcCwUWJSDHLP3im3eWtuBzeVYcOzoemxrR0ZUguQF7aiKzydZ-cuKAD71zawGcnMJiJs44PvcNbnrz6Nm3uvMpg_3aOZzt7Tuv5Kc0QuGkIBbfYQlGhs8-QQuxu1NKwUZhl6T3xkJaWY1xkd0vRjvWdqgeGa12E_W90DRWW8zA6DiX_xc6L-nqJJpls51R7risXsUQB0GKLqaDi8JTEDhDg_1ku1MQIULWRP8BorcqK0H7DEI5peXSCVizuXHB6CZ1ZxHMJJrYuKtokoy6BZqDl-dvc7h8nqJgA9g5LQlYRK90KkhpWqyo3Gv4Lo_XEeShXgicaW7KeYivffb1dlUfUPIGBv12tQCvzQM4Okq-jUCNoim03kqY_sxP9eNVgjsa7ry2BPC1i0HU9XIJoKUoejpdTly6Yro3kceASO486e4tCQ2Be-jDuDucpZW88xOBW9jUp5G3H07dQhA-fPI5lwRQOdymk01iyKK2h_uMxguR4hubnzNV6T1_GjF7SLcLwBQ-OGyn5K1pn67HTfaqLKz7af6l2BFrD1aU3sEfuR-NVSfxD6HMrMsgGVcrOMPbiuFi2V9kA183ML2DbCNj5mFLjWKHEHZGA1ZJA9Xgz0nSZM-6cGafk4i3WU9hcC746eX&cid=CAASFeRoRsazHV1fG0YdYkpswMvetPPnUA&rfl=1%2Chttps%253A%252F%252Femojipedia.org%242%2Chttps%253A%252F%252F1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 30 Nov 2021 05:06:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8201 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H2 200 IB_DE_On_M2_GDN_300x250.png
s0.2mdn.net/9504762/ Frame 8201 20 KB
20 KB 137ms
7ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9504762/IB_DE_On_M2_GDN_300x250.png

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4170cff538133709c665ee3e751fe7bd0b77eef4ecb91a61aef8648542900e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 18:52:48 GMT
x-content-type-options: nosniff
age: 36797
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20014
x-xss-protection: 0
last-modified: Tue, 08 Dec 2020 15:27:27 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 30 Nov 2021 18:52:48 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F30D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

40ms
39ms

Image
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: H3
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date: Tue, 30 Nov 2021 05:06:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame A399 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DHtizRIg75OTLuUcVgABrMjAasaqj51qciokHWgg1ZRsKjGFLi5_1pdQp1oAGFTW_9btjOzkXa-pyILsm7-F5SBNNoOZljGOnZYoKWXWbiR_syfyQuLqP9eXXC5JL3GNMQyKQx4DZ4Wr1mrol0FthA7ytHFA&cry=1&dbm_d=AKAmf-AUytijPyU9CsiHgfCiQ7YwChTlB_puSEjJzxlhI2PlUFEUW-PckertSNOK6x1VFaroHFN5MoLqRBILUiMe1_-K-LqwJPJZlL5InouAEtt9CaK3vCjdZze4niGrfoVT_iGgbtUlytmOrk7qkE8RdYDYxz8oPiLDxSrBWGLPAN8eJfJAb7iybvIkWsno72V3bz92ufKnK-k4_WuiXs7QDLbJxnIIdv9DcvYrcmX0B6W4NSSlRTLnXAStDQ6PWAXQNVOwMDN-gVtocyuQqDQlhpnrEAaIF_d4r2AWyenA-CEj4jpURZVexQIyuY3YC-C1GGdt4k749sorLvXU6VYZgBuy7XBsaiebRnIPibCiL7kt-USipdvnVwEXGIEjlrh18RY6fVCtZUMTr6Z9LRjVMVZ_uSVKbKITZb3ZAXHthEyPnA6jF3o_KoBPBvoZwzRk-fbx8wbmwmlGWQ4XFjJ-F1Hh6wPgu5hxWA5-z1h7BuSmJKaPF8Q8QGFTg6zRBC6bQwVrg0FQ5GJJyeNWt7Tz6VxDuojaChMXehCw3dTgzPXYyfJ8kVVyDWLmcdy7BlGUvcQTnxRpca9B6k_HQJhSMoI6qdP2zIDi_sc3zeo7zrh_XdxbKjvmF1Eyjyzl8Dz-KepnBmGzFHmBZYew2YdFA5YABGn3phT9O8ZcgdivkU5nUMeqkN_GB6JnbBVB9rNSoeVQsjPqV5DK8ihlP-xBPFkf-VcdygLRZqZwTvcjjQXzlATW59vxKpRQmsHCEDO8bbw211nOPwl5-IfHjanMWdSE_H9qHLBtj3e9VjzxNvq9lHZk7dQAhJ6Aljlga--mvwqFOOq7h3IWZaxToJ8HU76BWnSXa3IVxZg5Y0G9YFKhJFbb5rlHOpNfSYYVClMW99IutdioLqONtUj2zfox0Zsy_eu8P3ZtJlOMQWpXy0hX2b65la8vAbZIcnffXqiOk2lVIGdLYot1YSxLIbXAVhCB2Mx3wEZR5tu2FpGW_wLe1DR6pxJk21KeeHUjYbMyWgCV1-vxdA4u6Ta8FReEnB3G284__sibRuxF-YIoxhs7GtGgR5uLg2qlLMXiU1aOCb8_Aet8D-huyLPtboZq7hXunqateQUQutwxfOPQ5mxM5zaIuVgAt-lqYdn2fKEhtIjoDYHMkB_0SMIx_edJHI0coeqsTJLhqoj-QIEPg_uwNxgK-5Zk8B0QlwvcxUdEjWK3r-xnaU1LeJIbdfOcEixM2mZo2yzsnWqZXzYadGItU6qUS358viN9z9OUs4f3OG1x6lqaw2UR3SdwFCQ78xcqnT7arl-ESCRQyKyDWaCvDZ10nIzZg2y0Cvj3wCkcBw3YX19KL9WPbFaP_pTpqPxT14W0ThBYkjHtHwBvsfOI3biO70jY8B_2jg_arOO5g54UihBQMzrmuKMpzK2wTcuoC-0Fj6HMMqj0fl0s0gVlq0bvcfH9pmBrbFJLaElOtLi27JBFw5QN-O2QAr9OU7gEahr9G1r0YzV0LN-4jMjQ4DHR4k3azfBOE2lgvdw08Fy4_Tn9ct1dESHoHVWzznyfXwoTAB3Q-aFIRLyJszH22aKxmeMgLizk8Z_FfhA4-4EGMT0qpmhBAa09bsor-jfMVp5dpu6pgiefGMjt0en-d1fdtwGiAMhOzgoj2suHceQFjEBZXKyTgwe_mmZx5BQ28x-g4t3SbOymO_Y2yi81t6T3LgKNSaQ0Yu1k01XYOvT3ZduPXcrbXzcwOec22xHGCI112NtLBeIwLB4GhFhwVTG-m8GDdFDP3l1l_kodZye8Gm-KrKUOdeiKDNAhrGoY7UHjXBhIht0EFnwHGh20XmIKv976u5Xz0mcvtFicxzI8FG_SxSy4RDXZoKH2BHN_d0kQrtW4O7vtJz3H-MUtLom4jqvdkYE4nSnWKR1fQQ9A-yU1_acy0AHAWDxRnQj6ouqOiY3x2QTCpCGaWzCxZKPNdcnqUDF_3C16q9wU3qA4UtznIMx0ahAR-9YQyneLZvkzDAHDlkoNXeBf3Xdzmt6_SRTKjcsFTqsDDWnuwgBdcwB10Kc9iZNH9NcatDCWhGQjI5xkEizwW0JW0ULFHd2360fEHSHZRICFA0ZkT5Z3Nz6R7NkfM0vcGo_kkNLXs1c4QwmxxFWeCQ_x9ZwEGCZMec8RVUsrTFnFcTosGeZrQr_5k4LG-du303yTHd7Y5_r_3VaicrChpFJTyRqsaIGhRg2NmxUYFwaH-LpgYcGDRGSLWEVvZVCGazJVCpRhLGikWdQpfxUXknaFmfoK5g7KzWbf-SuzavxQHWMPUX3N98laXmlW3vT7INl3Fqlemu5nX_P02VYCTmY60t4peumzeOH9dpw_R0rU9cU9q03Ghr4HyC9ww-wtBD0xkA5jdsWO28ICL2ijhZ487lC53NSZL51oQP4fHpPKPjP25NLrFpswdDWCvBPHbr7O6NJDKqSMeA32fh38KuXYm88rtQNtGpfafiicrdGr8AG1d9RtvgXRD9ebW6hTMwRpiKBBcRStVA868rzZu7zMgBoc2wQjwv3OIe5UYUOBC2u1xv1ysAgip1sFSOWLrjcTivnj989GqV9ImQiG7RddYb9vpIxDZyczypHMapg3xufijBhcb8QS_fwR-cNKmsRboWVxAIzKe9I7UwTEE40vVipsIDBbFNRnv2HwnQW9amElo845Xls8Uv24RxzIrc01eMVZlw8qWYOMwPn6fVUguFLXEGoUeh56l3jKTEFZNWA6PMuN_cNN0nh6-_7YTg0LUOPTV8-UmKQE02J4PqJYR4cRp79bLxwcQzzJo4vsnGMGn06OjbT1yIyNiRSnbQDcexiK-jHEgFxrb-tFQBSp6OpqP7iiGc_AzOvO9sNbksf3nFFz4LLoCsGuEOGfLCC6tZSDjwiLLK84n3dOC3msQTz0hf2RMt8XfzJibh784fRy3vccPttjetNVlbeu-mm9Ua57XiPTUi8gsEkkCU8N_U1GwFSrrBaz95Hp3yBYYLGhXchtNTDGQUzX2VzXa1RbjiqScxSLL90vKwa5hiDuXxg7vUsDZVeWj25Q3A6pod9spOdnRNCFobGT1gLxaOieCptlQzWDH7RrJI756hoLNpSDQFDCNYaY9r7h1bTcc2PQSALr2FSzU6P40wTrknHcZsn82ZfX_S7p_h64R6SMLPhsVGLxKH_nlq--IAYLOgU-bSaRZ6rk-1Arv_u9ArrPkgV1ZGuEI-QUQZRnRcoM_HHtmxnW6XuWr2DKNG9U7P-EZAPfNoXrmr8Kle2kgFbyUzkaRo27NIG1rVfv9ZSU2unWpBDnN2o&cid=CAASFeRofh_Godwsa9iq1dHY0yQRjrw03Q&rfl=1%2Chttps%253A%252F%252Femojipedia.org%242%2Chttps%253A%252F%252F1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 05:02:33 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A399 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F49B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1

43 B
1014 B

31ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYgc3UuQEwAQ&v=APEucNWD6vBAvf9PV33ZYtxYhI55wZPzovIWz0BLDr3ZxAX2XrX33j820wlVD7-VTOyQbiwReqHbvJ_n-emVw2Cpr_3_fBqtLUlu1Y_PeCZnrWwhmWp25PwVnLd6L-ppRJuJe-gt9ugn_fyh27wiCC0dsyGlLBzjWmcOQFUM5kSy8x0TOChUI7Y
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 05:06:05 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F49B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaWxPfsANDeNnOeCsPD43wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1

43 B
894 B

12ms
11ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYgc3UuQEwAQ&v=APEucNWD6vBAvf9PV33ZYtxYhI55wZPzovIWz0BLDr3ZxAX2XrX33j820wlVD7-VTOyQbiwReqHbvJ_n-emVw2Cpr_3_fBqtLUlu1Y_PeCZnrWwhmWp25PwVnLd6L-ppRJuJe-gt9ugn_fyh27wiCC0dsyGlLBzjWmcOQFUM5kSy8x0TOChUI7Y
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 05:06:05 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F49B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIqbqhdfE7bt3YRFzT42dtM&google_cver=1

43 B
1004 B

20ms
20ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIqbqhdfE7bt3YRFzT42dtM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gYgc3UuQEwAQ&v=APEucNWD6vBAvf9PV33ZYtxYhI55wZPzovIWz0BLDr3ZxAX2XrX33j820wlVD7-VTOyQbiwReqHbvJ_n-emVw2Cpr_3_fBqtLUlu1Y_PeCZnrWwhmWp25PwVnLd6L-ppRJuJe-gt9ugn_fyh27wiCC0dsyGlLBzjWmcOQFUM5kSy8x0TOChUI7Y

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:05 GMT
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3299a004-94fa-463a-b8d2-411a8f571622
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIqbqhdfE7bt3YRFzT42dtM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F49B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgwOTc0Njk1MzE2MDE0NTIwMA%3D%3D

170 B
232 B

47ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgwOTc0Njk1MzE2MDE0NTIwMA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:05 GMT
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: bb14654a-7806-455e-8224-bcfa39d16c7c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgwOTc0Njk1MzE2MDE0NTIwMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 738D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1

43 B
1014 B

28ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhi5rtGYATAB&v=APEucNVT8g7vyWMZiFswkxjtWezhQPMUCs1XgMGNJRdg7gonbvEUt9k880yZH2raDWtH17BbjfYZ4Z6UoW-bMcSiJLa60G6AsiUX6_X2cyJ-Xh8FijuDZYWnSokiDlQG23INJAzFAyjnYd3uIAI_Jevl1l0rLvpXjJluqBPg5JU_UAIASZ6V8jY
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 05:06:05 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 738D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YaWxPfsANDeNnOeCsPD43wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1

43 B
894 B

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhi5rtGYATAB&v=APEucNVT8g7vyWMZiFswkxjtWezhQPMUCs1XgMGNJRdg7gonbvEUt9k880yZH2raDWtH17BbjfYZ4Z6UoW-bMcSiJLa60G6AsiUX6_X2cyJ-Xh8FijuDZYWnSokiDlQG23INJAzFAyjnYd3uIAI_Jevl1l0rLvpXjJluqBPg5JU_UAIASZ6V8jY
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:05 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 05:06:05 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOn4ilLKKuEtAgJbgZkA9uo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 738D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEIqbqhdfE7bt3YRFzT42dtM&google_cver=1

43 B
1004 B

21ms
20ms

Image
image/gif

185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEIqbqhdfE7bt3YRFzT42dtM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMXlgQEQ1K6oAhi5rtGYATAB&v=APEucNVT8g7vyWMZiFswkxjtWezhQPMUCs1XgMGNJRdg7gonbvEUt9k880yZH2raDWtH17BbjfYZ4Z6UoW-bMcSiJLa60G6AsiUX6_X2cyJ-Xh8FijuDZYWnSokiDlQG23INJAzFAyjnYd3uIAI_Jevl1l0rLvpXjJluqBPg5JU_UAIASZ6V8jY

Protocol

HTTP/1.1

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:05 GMT
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3f0a58d5-752e-4b09-af8c-cf19afae791c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEIqbqhdfE7bt3YRFzT42dtM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 738D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgwOTc0Njk1MzE2MDE0NTIwMA%3D%3D

170 B
243 B

47ms
18ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgwOTc0Njk1MzE2MDE0NTIwMA%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:05 GMT
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 91d4e145-4804-4af5-91cf-a418d68699c6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjgwOTc0Njk1MzE2MDE0NTIwMA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 8292705440596504899
tpc.googlesyndication.com/simgad/ Frame F30D 107 KB
107 KB 9ms
8ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8292705440596504899?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlBAkYQ9iRFQfunIYjmFamsl2HUKQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce763c8929720540f8cacb2b8a29fbc2bf49bf4e9b2553c31e0037fd3e211ffe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 12:16:55 GMT
x-content-type-options: nosniff
age: 406150
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109822
x-xss-protection: 0
last-modified: Thu, 18 Nov 2021 11:17:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 25 Nov 2022 12:16:55 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F30D 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 09:41:39 GMT
x-content-type-options: nosniff
server: cafe
age: 69866
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 30 Nov 2021 09:41:39 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F30D 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://emojipedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 29 Nov 2021 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 69180
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 30 Nov 2021 09:53:05 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/ Frame BABE 24 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/abg_lite.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:02:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
server: cafe
etag: 15988442915344899701
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 05:02:33 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame BABE 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 12:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317880
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 26 Nov 2022 12:48:05 GMT

GET
DATA 200
OK truncated
/ Frame 8201 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d70e765fe585e6871cfaca7a2c57f125237f49d7962252d47284f42b2ac582f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0536 22 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 317879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame D3E8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIM2qLwH0wng1NtUpknjAHk&google_cver=1

43 B
61 B

38ms
20ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIM2qLwH0wng1NtUpknjAHk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXlD_GfxYp6N2-WpC2Ma4145LUXZTmzdrMs9giXOUweJ-a-qssLKa34thSKKDstXh6xfbz7XJ6S0WYbInl1hwHMaxvILMYMD8N1BeMt3bp0TiuNQqOnftY6M4Iwzp73ktExH51-O1qicuShQmEWTExU1MKJxEjiU8d5GKuuL82DPMMjJfo
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
via: 1.1 google
server: OXGW/16.221.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIM2qLwH0wng1NtUpknjAHk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame D3E8 43 B
131 B 23ms
15ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXlD_GfxYp6N2-WpC2Ma4145LUXZTmzdrMs9giXOUweJ-a-qssLKa34thSKKDstXh6xfbz7XJ6S0WYbInl1hwHMaxvILMYMD8N1BeMt3bp0TiuNQqOnftY6M4Iwzp73ktExH51-O1qicuShQmEWTExU1MKJxEjiU8d5GKuuL82DPMMjJfo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: gzip
server: OXGW/16.221.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame D3E8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEKyZGhCjbzfXRW7AxyS2svE&google_cver=1

23 B
172 B

30ms
30ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEKyZGhCjbzfXRW7AxyS2svE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXlD_GfxYp6N2-WpC2Ma4145LUXZTmzdrMs9giXOUweJ-a-qssLKa34thSKKDstXh6xfbz7XJ6S0WYbInl1hwHMaxvILMYMD8N1BeMt3bp0TiuNQqOnftY6M4Iwzp73ktExH51-O1qicuShQmEWTExU1MKJxEjiU8d5GKuuL82DPMMjJfo
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 30 Nov 2021 05:06:05 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEKyZGhCjbzfXRW7AxyS2svE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame D3E8 23 B
172 B 64ms
36ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYkeKpXTAB&v=APEucNXlD_GfxYp6N2-WpC2Ma4145LUXZTmzdrMs9giXOUweJ-a-qssLKa34thSKKDstXh6xfbz7XJ6S0WYbInl1hwHMaxvILMYMD8N1BeMt3bp0TiuNQqOnftY6M4Iwzp73ktExH51-O1qicuShQmEWTExU1MKJxEjiU8d5GKuuL82DPMMjJfo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 30 Nov 2021 05:06:05 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H/1.1 200
OK 4as54di69f4s Show response
hal9000.redintelligence.net/zone/ Frame BABE 11 KB
4 KB 55ms
12ms Script
text/html 138.201.63.157
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/4as54di69f4s?subid=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwYcwPLGlYem5NYWB7_UPh6ey0AvdreioYLuP39SICvAuEAEg1bSZe2CV2qCCsAfIAQmpAhn7Ovmv8LI-qAMBqgTsAU_QsR5EoxU8WCL5Oj_lT5xqJYHy-5Ya7eQdVJjvt1lUkNrsFXSK9xlB3tsdWloBDCsiErPwUdqCviVts9n8_QI7qmuR9427aK6NyRTEk7fjF2uzQPDgGngvc6uu18baQgnhleJdA50URNzuf2P34blOKBZg3UNb708Or4OUbPxQdR8jfmQ3z3OvstYvrnQC8ke1RUyfmlPK_dZwgLF7vWyl8fVql8Q8H9vsMru8Nr_5EByU9KsOmhuDG3f2NAj0uWv9czalbfUxAIfQ-YccdGpe97JhqbbC6Z_TJVMbSdLPndhsNIQYDfp4jFAUwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTIxOTA2MjgxNjMwNzc4ODeACgOYCwHICwGADAGwE57l7AzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoNt2s1CHl6TWwVms1TtDaswZgDg%26sig%3DAOD64_0-IHMxEepEhi5tk9UW3utgVTaYlQ%26client%3Dca-pub-4641608711979091%26dbm_c%3DAKAmf-B07MWVKxaj1TSGkxijHwh6vDCbRWvqOUwhpes_F1_IRpqNdpXUzdUGTV3vMw9_Wb9TbZuh0gip6zMUSffFLfNjEKwt-JxFB5GaJ91kZWczWsPyUBiWlAKR64fMoOF2HQAv8ygPNSjJojBUO64SINU4NcypCA%26cry%3D1%26dbm_d%3DAKAmf-CCxXUkTnsSnmftIBe24tPEEynIlDxsmKyIvMsT-hBLoqTWJ6V4kXQpCHWVjCEDQJHYIVxsV_HKZisH7Brh3HOcQ5rnchczq4bmFvS9pBbjQMD3qLqT6LFE8OY5jCI3A1s2Yq2s7Ikb6MtKvGs8Nod4UQOxveoJ7lwEGY1tT3QO0zb6JB8IratCSw5xcxwpNE4Zf8VCSWkjWLJERywqz9o4TJuDvy_mmTa0dpAkZWwGHEmJ6x3Uc6ZJ4l7g__MpJjIJ1jNLtq_M2tGisOBEcKFnRP_-su1gJTocviWSa3m8TWGbWTa9GJtRl6A8BRI78_TyYzdHOas0xUVXoxOMeDaRSjTZ3eEDIx5QCOWq1aE5FlNy_n-rzf2cuOfm-IN1GsBBv8B27IHXNcBTtw4bkYAhH9R0xvvBSWjPpK7GK6LcaO1TJpEh55X_Zid4zTfxQ9QOPZKnTPftvJpEOLNZIY4Vv9bjMg%26adurl%3D
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.157 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.157.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: d31e7e3989fbaafa1e9b34044d03053a722a86339a24062c59de1f72be690c1e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3952
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame A399 33 KB
16 KB 30ms
30ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=50753021;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=55644288&extPm=55644288&extCr=389359233&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CEpjSPLGlYea5NYWB7_UPh6ey0AujsL79ZbuPv_fcDrn20NnAHBABINW0mXtgldqggrAHoAGR_tGiA8gBCakCGfs6-a_wsj6oAwGqBOoBT9Bq-LxVRJADaagldE46mCS5Gdnwr9WeKo_LErCMyt4wySyVsW9IbtR-1NsoVENbfOqT6jbNjXWmnoSEjbu_hS0AkqjXG7Yq3H4695T-jK-Q2UtopbCu-XsYkEKi-7RWJLj63dUZA9G1dqT05vS-lt99s7Q1t69mpCy3G_L6DYv91mXSARkT2B2ZHPOCEXWL0NsPMfhskw0WflkMyPf48ybu9wQJVL36YTZMRaoxE_wA3lP_Pmg6XP7cYU60Zy2d4DG5_O6Q-GcgbztnAVIuJCD4mlb4lkg5pT2pLqX6oAEjMfFfNeEDn7I7wATQ8bXJ1QPgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTIxOTA2MjgxNjMwNzc4ODeACgOYCwHICwGADAGwE8WgsQ3IE6uJ790D0BMA2BMK2BQB0BUBgBcB&ae=1&num=1&cid=CAASFeRofh_Godwsa9iq1dHY0yQRjrw03Q&sig=AOD64_3JbedZRjhp7Wi4rgyJIjgT7_He8g&client=ca-pub-4641608711979091&dbm_c=AKAmf-CZY5-YB3tI09Yr7NOSHzBzvYeVqj98B00h9AciST3zn38bRjKZzSDYmdN00GYsrUysXEBnVNd3iJHt9aUYS-IYD-qCODHFRZuqV4NxRuilQ_XKaoFDfnMWwvKLcIOWu0VjN9f_2BCETXbqYYKIrAwyRi9G6A&cry=1&dbm_d=AKAmf-A2EhYSeZr9l7wCfJkFu-IJjbspK45ER6mW9vgk6SyMLEvn7aFEsAkY_pGf_04z3uM05Nf4rQnseeZuXm539hn5iX7v_fzQ9pvTGgMqzFmrGFNWuYKKLS64z9EVmfBl89l7dTL71BU0-XgMQS_1E-TzcLJb0CLfQrWYGU2KC27xpH7eqQsnP5XsNotm4OWwM4c7cWfo1hLazrQfTZkWToSRcrkQOEUKVI1z30BfeqmgtKbq8Kez2fueQAlYzVVQ_BNF4yBi5UT07Ohpd_omTsumY1grL9MoPVToqOL1vpE11emPhouLFY1zQagBtl3tmFg_eV0knUjDhIuG4ROF3UEL-pcrMHC3NLMcL4w26yNLZR7kSzXllIxoAyhbHkORa6Xs4Ss6mqe72lKoa5PDkVJqjpDWOU2let5tSaw4SFl1FfXaD29p6jBc5w6HYBSVoGh8H5UIlPyLELrcwyi2CdL68kM6Nw&adurl=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 08:29:13 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8201 0
23 B 44ms
43ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 05:06:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C64F 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 317879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 7788 5 KB
3 KB 18ms
16ms Script
text/javascript 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=43756538;rtbwp=YaWxPAAAAAAp2FMZeKQ5AFGlWp4OYHFdsygFNw;rtbdata=bN-gJ_rN8wUgLWUCuGyN-DFJ7Uu42rj1fC1leQ6jV-9u1n9Pi7ptX4UUH2ZpjO4q8XLp8x7u8wrPK9DzMQSLOpO43RyFXdQbTL3TGteOXVG-jyY5em4Iu49xDhsJHZlVOwBg4JH5lN_--QfxShaGNWq9rVoZoZn3P2EJYgA2c6R8cY-xTn20j7u_o8G4E2Bj4QoIufifaHMVz6V_9fcrJW44LSW6KU4VgIjETMfMv581;js=1;adfxid=1x;6700;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Femojipedia.org%2Fsnowflake%2F

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

65c875bd0ff890707d3dbe19a1cc23933d3617251ff888e64d5aed08f466903a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2348
expires: -1

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CDC0 22 KB
8 KB 9ms
8ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 317879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame A399 2 KB
1 KB 58ms
7ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1623176&plc=50753021&sid=1366186&dvregion=0&unit=728x90
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 44216edbcf372158d065f2c7062712c9c829648c355066e7cd14242843005d81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 13:07:12 GMT
Server: Microsoft-IIS/10.0
ETag: "e066f48b4dbd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1168

GET
DATA 200
OK truncated
/ Frame 7788 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b25210b8b84a1dec7cfe77730c09c3955cbbbc91dd9cbdc6cc1a38055dd4b616

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7788 0
0 48ms
46ms Fetch
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxqcgHcj9NiJoAtg1cLJ_uwwK8zIk_Z4vALJK4SGN8WYlgEkkoQ0z0yOHu8vm3Mx6jFHiyVbDVbMq2NB3iXY3KgSCIF23sWg018JKi5EeCh2EZI-MgfABdJQCRfFxPvTCegW-yajJqBjp5Z_pCGv8rbj-LLuSoRHbkdOvcCLRxnCNvV6lVNKFhZvZFQvCWimiclVfO_oS9zgwhwkPC6GkcC9xsPuQgMOLVooPBYivSbfLeP0Wdi6lv4MGu1b1lbquIgu1XtR0NOqcT1tooQj71DDZtCclWbrpcIg0OpvDFfCs-yAFEuBdd227fprJYbFeXGcoKiA&sai=AMfl-YQZzQD-lxuEq1r-DYnkhTvuFkHCsVDF3E5XBZbRCcywoFA0uYMnETC8pv4d33-0asFbEE4tOjG7teM-yYBEXv-6OHA_Mzr_hIBPDJEmZqPre8Y8ED71QWPURZVIr0g&sig=Cg0ArKJSzCJO8Qh8rv3bEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 05:06:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 30 Nov 2021 05:06:05 GMT

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 0536 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 12:44:17 GMT

GET
H/1.1

200
OK

request.php Show response
hal90004.redintelligence.net/ Frame BABE
Redirect Chain

https://hal90004.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=02559807d7&subid=&uid=2d5af116ed0c89fd&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90004.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=02559807d7&subid=&uid=2d5af116ed0c89fd&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

612 B
934 B

138ms
116ms

Script
application/x-javascript

138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90004.redintelligence.net/request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=02559807d7&subid=&uid=2d5af116ed0c89fd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwYcwPLGlYem5NYWB7_UPh6ey0AvdreioYLuP39SICvAuEAEg1bSZe2CV2qCCsAfIAQmpAhn7Ovmv8LI-qAMBqgTsAU_QsR5EoxU8WCL5Oj_lT5xqJYHy-5Ya7eQdVJjvt1lUkNrsFXSK9xlB3tsdWloBDCsiErPwUdqCviVts9n8_QI7qmuR9427aK6NyRTEk7fjF2uzQPDgGngvc6uu18baQgnhleJdA50URNzuf2P34blOKBZg3UNb708Or4OUbPxQdR8jfmQ3z3OvstYvrnQC8ke1RUyfmlPK_dZwgLF7vWyl8fVql8Q8H9vsMru8Nr_5EByU9KsOmhuDG3f2NAj0uWv9czalbfUxAIfQ-YccdGpe97JhqbbC6Z_TJVMbSdLPndhsNIQYDfp4jFAUwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTIxOTA2MjgxNjMwNzc4ODeACgOYCwHICwGADAGwE57l7AzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoNt2s1CHl6TWwVms1TtDaswZgDg%26sig%3DAOD64_0-IHMxEepEhi5tk9UW3utgVTaYlQ%26client%3Dca-pub-4641608711979091%26dbm_c%3DAKAmf-B07MWVKxaj1TSGkxijHwh6vDCbRWvqOUwhpes_F1_IRpqNdpXUzdUGTV3vMw9_Wb9TbZuh0gip6zMUSffFLfNjEKwt-JxFB5GaJ91kZWczWsPyUBiWlAKR64fMoOF2HQAv8ygPNSjJojBUO64SINU4NcypCA%26cry%3D1%26dbm_d%3DAKAmf-CCxXUkTnsSnmftIBe24tPEEynIlDxsmKyIvMsT-hBLoqTWJ6V4kXQpCHWVjCEDQJHYIVxsV_HKZisH7Brh3HOcQ5rnchczq4bmFvS9pBbjQMD3qLqT6LFE8OY5jCI3A1s2Yq2s7Ikb6MtKvGs8Nod4UQOxveoJ7lwEGY1tT3QO0zb6JB8IratCSw5xcxwpNE4Zf8VCSWkjWLJERywqz9o4TJuDvy_mmTa0dpAkZWwGHEmJ6x3Uc6ZJ4l7g__MpJjIJ1jNLtq_M2tGisOBEcKFnRP_-su1gJTocviWSa3m8TWGbWTa9GJtRl6A8BRI78_TyYzdHOas0xUVXoxOMeDaRSjTZ3eEDIx5QCOWq1aE5FlNy_n-rzf2cuOfm-IN1GsBBv8B27IHXNcBTtw4bkYAhH9R0xvvBSWjPpK7GK6LcaO1TJpEh55X_Zid4zTfxQ9QOPZKnTPftvJpEOLNZIY4Vv9bjMg%26adurl%3D&documentReferer=https%3A%2F%2F1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Femojipedia.org&random=3069794640542&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 138.201.63.116 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: fcbbdcc015667b762e101490459aa83adf24d710f07e5c3fc6fc2be9ae4b4178

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:05 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 13752200014707400757589011794004
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 328
Expires: Tue, 30 Nov 2021 05:06:05 +0100

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:05 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=4as54di69f4s&nw=20&renderingType=javascript&namespace=02559807d7&subid=&uid=2d5af116ed0c89fd&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCwYcwPLGlYem5NYWB7_UPh6ey0AvdreioYLuP39SICvAuEAEg1bSZe2CV2qCCsAfIAQmpAhn7Ovmv8LI-qAMBqgTsAU_QsR5EoxU8WCL5Oj_lT5xqJYHy-5Ya7eQdVJjvt1lUkNrsFXSK9xlB3tsdWloBDCsiErPwUdqCviVts9n8_QI7qmuR9427aK6NyRTEk7fjF2uzQPDgGngvc6uu18baQgnhleJdA50URNzuf2P34blOKBZg3UNb708Or4OUbPxQdR8jfmQ3z3OvstYvrnQC8ke1RUyfmlPK_dZwgLF7vWyl8fVql8Q8H9vsMru8Nr_5EByU9KsOmhuDG3f2NAj0uWv9czalbfUxAIfQ-YccdGpe97JhqbbC6Z_TJVMbSdLPndhsNIQYDfp4jFAUwATOjruxlgLgBAOQBgGgBk2AB-vn6F6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTIxOTA2MjgxNjMwNzc4ODeACgOYCwHICwGADAGwE57l7AzQEwDYEwOIFAHYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASFeRoNt2s1CHl6TWwVms1TtDaswZgDg%26sig%3DAOD64_0-IHMxEepEhi5tk9UW3utgVTaYlQ%26client%3Dca-pub-4641608711979091%26dbm_c%3DAKAmf-B07MWVKxaj1TSGkxijHwh6vDCbRWvqOUwhpes_F1_IRpqNdpXUzdUGTV3vMw9_Wb9TbZuh0gip6zMUSffFLfNjEKwt-JxFB5GaJ91kZWczWsPyUBiWlAKR64fMoOF2HQAv8ygPNSjJojBUO64SINU4NcypCA%26cry%3D1%26dbm_d%3DAKAmf-CCxXUkTnsSnmftIBe24tPEEynIlDxsmKyIvMsT-hBLoqTWJ6V4kXQpCHWVjCEDQJHYIVxsV_HKZisH7Brh3HOcQ5rnchczq4bmFvS9pBbjQMD3qLqT6LFE8OY5jCI3A1s2Yq2s7Ikb6MtKvGs8Nod4UQOxveoJ7lwEGY1tT3QO0zb6JB8IratCSw5xcxwpNE4Zf8VCSWkjWLJERywqz9o4TJuDvy_mmTa0dpAkZWwGHEmJ6x3Uc6ZJ4l7g__MpJjIJ1jNLtq_M2tGisOBEcKFnRP_-su1gJTocviWSa3m8TWGbWTa9GJtRl6A8BRI78_TyYzdHOas0xUVXoxOMeDaRSjTZ3eEDIx5QCOWq1aE5FlNy_n-rzf2cuOfm-IN1GsBBv8B27IHXNcBTtw4bkYAhH9R0xvvBSWjPpK7GK6LcaO1TJpEh55X_Zid4zTfxQ9QOPZKnTPftvJpEOLNZIY4Vv9bjMg%26adurl%3D&documentReferer=https%3A%2F%2F1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2Femojipedia.org&random=3069794640542&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Tue, 30 Nov 2021 05:06:05 +0100

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 7788 86 KB
37 KB 27ms
27ms Script
text/javascript 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/.gSBgiDA/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4e1e3534cd3dc977db196bf47b9c20924218aa39a5db8181261b4429f40b56bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:05 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 01 Dec 2021 08:02:41 GMT

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame C64F 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 12:44:17 GMT

GET
H/1.1 200
OK dvbs_src_internal100.js Show response
cdn.doubleverify.com/ Frame A399 56 KB
18 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal100.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=1623176&plc=50753021&sid=1366186&dvregion=0&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 49a070133915e05e9b7723d25d8f07b12dda78f7d89c5334176329b5dc8019a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:05 GMT
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 13:07:26 GMT
Server: Microsoft-IIS/10.0
ETag: "0fb3411b4dbd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18242

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame CDC0 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 12:44:17 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame A399 2 KB
1 KB 349ms
97ms Script
text/javascript 204.154.111.154
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_828003680809&jsTagObjCallback=__tagObject_callback_828003680809&num=6&ctx=11655933&cmp=1623176&plc=50753021&sid=1366186&advid=&adsrv=&unit=728x90&isdvvid=&uid=828003680809&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=96&bridua=3&dup=null&srcurlD=1&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=148&eparams=DC4FC%3Dl9EEADTbpTauTau%60%60b%606h43_%60bb_ef6c7df66cc_de74d_g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauD2767C2%3E6Tau%60%5C_%5CbgTau9E%3E%3DTau4%40%3FE2%3A%3F6C%5D9E%3E%3DU2%3F4r92%3A%3Fl9EEADTbpTauTau6%3E%40%3B%3AA65%3A2%5D%40C8Tar9EEADTbpTauTau%60%60b%606h43_%60bb_ef6c7df66cc_de74d_g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=3.90&callbackName=__verify_callback_828003680809
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal100.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.154 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb36.doubleverify.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4db6d94b9cfcd5913a62e06536ac9bc9f9f3fe268d6a1123bac424d1636001e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Date: Tue, 30 Nov 2021 05:06:05 GMT
Expires: 11/29/2021 5:06:05 AM

POST
H2 200 /
track.adform.net/csimpr/ Frame 7788 35 B
468 B 17ms
17ms Ping
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=43756538&csi=6myLeXKe4FdwFCHp1sAjht-HtYY3_B5hQIyxv2L49M_rygPkIxxfk8vMafzgDJmc59H3WcGAzmhYn60eeBOPWWQBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:05 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://emojipedia.org
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 41371960.jpg
s1.adform.net/Banners/41371960/ Frame 7788 81 KB
81 KB 24ms
24ms Image
image/jpeg 37.157.6.235
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/41371960/41371960.jpg?bv=2

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

ef0d47f1af5311e6146277dab2fa8c51c84e11f116e593d6f082f55578a264a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:05 GMT
last-modified: Tue, 23 Nov 2021 15:00:01 GMT
server: nginx
etag: "619d01f1-14201"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/jpeg
content-length: 82433

GET
H/1.1 200
OK request_content.php Show response
hal90004.redintelligence.net/ Frame A00F 7 KB
3 KB 38ms
15ms Document
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90004.redintelligence.net/request_content.php?s=13752200014707400757589011794004&a=1e70f7a8
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e4016c42f03af6b58cdaeba85a83ad2da7af4c10c3db8ecb0b0feefc5a43ebaa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/

Response headers

Date: Tue, 30 Nov 2021 05:06:06 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 30 Nov 2021 05:06:06 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2331
Connection: close
Content-Type: text/html; charset=utf-8

GET
DATA 200
OK truncated
/ Frame BABE 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a425454177f6fdca164c06f0d1bce077b9041d9f72211d49cbbbbb1161103cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0536 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BTismPbGlYbTGGeKV7_UP-JWV8AUAAAAAOAHgBAI&bg=!cXKlcjbNAAZQLpa_UC47ACkAdvg8WoECvLEGHcBgSE0yVcJruhqzOKISWayT83xeoAI4gsUmzP0wbAIAAAC3UgAAADdoAQeZAtDOqVP6ZGG-nZkFWE2ALtYgKM_rHEgJqk9Kk9Y6jlWzjrCPRA7UdlhAWkBbTK4a3MwH7eR0NaCHRSTa_eCBuRMXTxVu9uij7F7G1MltV9iADW64OBIUq1Lo-VPWRK6_pbhUv0dpi9Cf9Q08j9fX8ozFJKF9EmThOphb4mibjahAjCBXGoZiO4iABxFtCUKTMfw1LBIgm5-l9KgmKEZ-sstBDKg3AO8rLk5Bmyp0iyLuUfakUlAc3kManYI36b4RjK69ZIG41zsI4eedRsisZjwvSrm4VlZTzV617-SZxnt9pN7-FGN7Q4MBlz8zRbrMiC-mLbUPcaealw8ZbLEhLkBSYy7YmmjhHv6N7jTYKTmwA3x1U7ErMxBZJ6pthfyFrBWgv2-rQtrkVF3ghyRSV42lxC0vIZ22GYkcGIagTaA2Num0Q35Q5XtGceZ0UxrslWnxksg7qZ4XE9EAIZGAsn81uFInP9bxRq9XFwjsER90VN1xzYoEn9CaSzsJaCTPhCm2ngDg_RfPEHji4QnDSWWlIa97GLZoLqQlCBWAtaDdZO0Nvfp3I9nv31c_-Txu4Lsi1XFg386besw1ucbU4bBcZefUV0wAMWI00ZUO7IiQfhTmjKIqYj941sqys51i3G6xRWGAI8m7yFzanwGrFD-OCCwaXLT5k9D6zB8APukQjX8-nryJOEuO2Riii_mz_8_SPaMAeWJtvdpBP9qznYeMa-01ymCRdRnYFUJfDBHXq4w9XXI02HgKAnUWY2yn8h4NFzhPllRujXdwvPqWqCeaD1iAZmldKffVGMf1r0LWpOBRHiTN7XMltK7tJjfQmfiU65_6sAn-81YxaQNeLuhHnnkQFOahIjJnyd-Jj1fLuG61R0xFFAZ75tDJwMYMGBg4eT6oqLEMxwOBMIEm_ebcmGLRE1goiJ8f8OzaWGTsNaQGmfCIrSXDhIJTM6-JREA

Requested by

Host: emojipedia.org
URL: https://emojipedia.org/snowflake/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame A00F 89 KB
32 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js

Requested by

Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=13752200014707400757589011794004&a=1e70f7a8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 22:40:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Nov 2022 22:40:07 GMT

GET
H/1.1 200
OK 300x250_OMAC_2016_Launch%20(3).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame A00F 52 KB
52 KB 58ms
15ms Image
image/jpeg 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/advertiser/32995/creativesup/300x250_OMAC_2016_Launch%20(3).jpg
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=13752200014707400757589011794004&a=1e70f7a8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:06 GMT
Last-Modified: Mon, 20 Jun 2016 09:16:21 GMT
Server: nginx
ETag: "5767b465-ce63"
Content-Type: image/jpeg
Connection: close
Accept-Ranges: bytes
Content-Length: 52835

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C64F 0
20 B 46ms
45ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHFzxPbGlYZqEGpDx-gaK6aS4CwAAAAA4AeAEAg&bg=!mZqlmt7NAAZQLpa_UC47ACkAdvg8Wnwf8IoBhE7fZutaV6xBpnIyltXDAXLSRXfRgtCVF1aIhHVUHAIAAADVUgAAABBoAQeZAsqCy3TI4-RJFTvEyu0JzgzzSqy3QTtCdcavuNpRXGGChvPvSkDIswSHFogWe5wAU0dNAMyIR8E_B8w3WMPUkYuO0663WCP4ApOeWZn5CMAYHhRtMoEE4-bPhPW63pUKRlvyRUpnc8pN3Bv86g30EPiT1RJh6YmxggEyJgpamS8U7Yp6y8E_3eVJc4Nt7yd_10O075Mxav-xyzu9yJyQ1ogVFFmFC6xN4HeHVvDvxS4EQ9-hCv7ZSH7sgPR4UM5g-fI4_7rUPkH-m6jInqTA2W-YLAcohZtVRQrgdXs1WcPPe-RP-t7a0NcWhS78G2PKvPEgKI7rGace253yIHiULz-Uk1VwovLcZEc1RAVbOV36IDYbzMSUXQ09qmvKjmJinGhiLFbfmQXAbfeTNR9g6ZiiT8o1ptXr5p2FgS0As9iIJh9fJJhvc7dl93DKe-s_KmIcsF1n7kVAMgziFNxxu3TVqeVjIOV6mcpvR8QKcySKhoKvRry8yQ3HvO2imBtJRbKyH1FRZTef0KoemC5aPymGsFqFRA72UkAE_kczMz_koiK0CG60mPPh-kLxjY-vxjl6FbkiV2a_85o7XkPyNEsktKiT5Dwf35MWo-rzgJtU8YRmkrEAwHH45CWE1RUtxzLSvggpwRllRYR3n2ezWvOkZW8iHYixE1omIn3MOHsyggnUejCV3I55O9FNTOPer4gxZuZ_zQ-BfSx2V4XrY5O_TgW7Jh58_AJbKn-g1oGz80qo3hQh8rzCsQnstjiPis39tDZOfhVe6OexB7f63zo2uTKj8zKz0JZH652OWrg9KHifWChD7HsAlj7JUXSeO95FnJeTffTxU8nw-5ZiBQLpBzcTv8pic3xLLf3b6zglK2YJqaheiEychS5a1E623ZB75sr8lsk0ab1XDMOlnJPxTa6P-bIewJ30d-0eVuEQsGrNJpsNbofqZPA

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CDC0 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BB4zNPbGlYd7HHJiN7_UP_-6jgAYAAAAAOAHgBAI&bg=!qqmlqe3NAAZQLpa_UC47ACkAdvg8Wn2RlKx99U7MRWXyUhLTQQAumZ9VjrZgz3WJ8Wh09QgsPd2aagIAAAC0UgAAAA9oAQeZAsdXmBOa7wxPFrzzhJ-I59aqQS1QKK8k5-SuC-GN4qDDryytKvVW7QDzODvaxJJYMTNWsMectXnFm6iv2tc1VOEp4vuWWu_nudSZpxTv95TU6eQfgSLTc-zZ7FSN4RtTYGaYim0xLmNJ5FCXEhdrkP_F37_AOuMn35wswULL9WKrsckpTtJlh7zuVMU-cx1okSKL9aHSH25usiuUcoemgnQZOzX1_wTgFZ_NQa6k3Y8t7GHUSHks_TsNAVxOA2KFgwcXxhjBs2qfmEhsvZSCbMloazgSzBXYfG2mn7acvvSlbk3cykPAfpZAWEcm4KhXdpd3uA9wVyzswFQyX41fLFu9fEaT7D6Bdyw7RNKTkTJK3bzkYYdbvZ38GthRMT4kx7M49jIIo8yKjDDZMfef_VRwqJJxbAeM-eIz8xhiTgkEevGnbHm89mQv4P0XO2b_vOdmGAHXUoZ2VVvZxa86dbiYXH2FpJ_ddPMylH2YjSjomyViG3kICt2RkB2hYka0YmdKqe6uEnzBPzGqnDrFGSNZUeRTzj4wMGe_b5Bi81tG51Zmu9qqeKs5Pl1YDIInAWtohbWOVbJ9NsdYQO_vu_acmczCXAwJ357m2YWSzbtu5Uy8YBLj9lGMj8qo5PlxIujOew08VxDGJoeZ-cYZ15M-aQG3YciuUjW6d3fxrR8xwNBdExj54E5tFBJJTggcoUPzGAJh-6OQsEoRGLG1Mh1U7rCVq2-ZqnIzcCiAGLOfDr0qwew2-APYd9y9Kt1miLE1NDcRR2njFDtZAV_tXtMvqHRQFDdJChB7Hk7_aesdau2yjQETbcsOAuiLYpQaR-xjtPSo4pYP_DO-ur0NR3iksUfgZusemYaGFDNzcJVJmha-eHbXj9y26lLPUzLe8tUfU1m-bE6xrRhGsS7cN5FXIc658dR1yucvPRw01fzJIk-nCF-o9hE

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK viewability Show response
hal90004.redintelligence.net/ Frame A00F 0
150 B 39ms
17ms Script
text/html 138.201.63.116
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90004.redintelligence.net/viewability?s=13752200014707400757589011794004&a=c474a641&vb=m
Requested by: Host: hal90004.redintelligence.net
URL: https://hal90004.redintelligence.net/request_content.php?s=13752200014707400757589011794004&a=1e70f7a8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.116 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.116.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90004.redintelligence.net/request_content.php?s=13752200014707400757589011794004&a=1e70f7a8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:06 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame A00F 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK bsevent.gif
tps625.doubleverify.com/ Frame A399 807 B
1 KB 329ms
118ms Ping
image/gif 204.154.111.154
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps625.doubleverify.com/bsevent.gif?impid=7e5bb6980d8146d7b82574b6b8ed3e36&vfdur=350&cbust=1638248766202988
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal100.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.154 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb36.doubleverify.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:06 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 11/29/2021 5:06:06 AM

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame A399 9 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal100.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 04:37:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1720
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4486
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 19:29:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 30 Nov 2021 05:37:26 GMT

GET
H3 200 impl_v81.js Show response
www.googletagservices.com/dcm/ Frame A399 41 KB
17 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v81.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 12:23:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 492186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17189
x-xss-protection: 0
last-modified: Mon, 18 Oct 2021 20:08:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 12:23:00 GMT

GET
H2 200 B9689862.280630144;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=500204437;ord=tjjwxb;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Femojipedia... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame A399 45 KB
22 KB 68ms
47ms Script
text/javascript 172.217.16.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=500204437;ord=tjjwxb;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Femojipedia.org$2,https%3A%2F%2F1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html$0;xdt=1;crlt=32k2koPUj.;sttr=16;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v81.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f134.1e100.net

Software

cafe /

Resource Hash

03ccd8b65116c746a7215db95a9391750c464fcf6031b2ebf05d16f97cb8339a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/ Frame A399 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211111/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=500204437;ord=tjjwxb;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Femojipedia.org$2,https%3A%2F%2F1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html$0;xdt=1;crlt=32k2koPUj.;sttr=16;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 04:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 14 Dec 2021 04:56:29 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A399 0
23 B 41ms
41ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuJ0g7bU-XFMKr6hFvvFyzBuAf866kMIzV45PFrIpymAlAq_vLww2bhF-eRlqEhGph1-fZzgY8vbKc4lh8MtTlVpCv7z_KWrMwbNSN2H0OjQFSf7que2WlJq8s1ejCmBSwic01GUQy-N6LXTuEnYDA&sig=Cg0ArKJSzDSKpm5R-M92EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20211111.68242&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 05:06:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame A399 8 KB
4 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&num=&adid=&advid=2276943&adsrv=1&btreg=505362318&btadsrv=doubleclick&crt=156804616&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=81.236;sz=728x90;u_sd=1;dc_adk=500204437;ord=tjjwxb;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%5D;dc_rfl=1,https%3A%2F%2Femojipedia.org$2,https%3A%2F%2F1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html$0;xdt=1;crlt=32k2koPUj.;sttr=16;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8b94cbe5296254e6bc2199c7099b21f9308583e421f3b5204166eb9bbf19cc58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 25 Nov 2021 12:39:48 GMT
Server: Microsoft-IIS/10.0
ETag: "0424488f9e1d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3291

GET
H3 200 17721130591974731406
s0.2mdn.net/simgad/ Frame A399 69 KB
70 KB 22ms
8ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17721130591974731406

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 16:56:44 GMT
x-content-type-options: nosniff
age: 562162
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71148
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:07:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Nov 2022 16:56:44 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B48B 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 26 Nov 2021 12:48:06 GMT
expires: Sat, 26 Nov 2022 12:48:06 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 317880
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 / Show response
track.adform.net/adfserve/ Frame A399 0
333 B 19ms
17ms Script
text/plain 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=50753021;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=55644288&extPm=55644288&extCr=389359233&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CEpjSPLGlYea5NYWB7_UPh6ey0AujsL79ZbuPv_fcDrn20NnAHBABINW0mXtgldqggrAHoAGR_tGiA8gBCakCGfs6-a_wsj6oAwGqBOoBT9Bq-LxVRJADaagldE46mCS5Gdnwr9WeKo_LErCMyt4wySyVsW9IbtR-1NsoVENbfOqT6jbNjXWmnoSEjbu_hS0AkqjXG7Yq3H4695T-jK-Q2UtopbCu-XsYkEKi-7RWJLj63dUZA9G1dqT05vS-lt99s7Q1t69mpCy3G_L6DYv91mXSARkT2B2ZHPOCEXWL0NsPMfhskw0WflkMyPf48ybu9wQJVL36YTZMRaoxE_wA3lP_Pmg6XP7cYU60Zy2d4DG5_O6Q-GcgbztnAVIuJCD4mlb4lkg5pT2pLqX6oAEjMfFfNeEDn7I7wATQ8bXJ1QPgBAOQBgGgBk2AB9eBrl2oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTIxOTA2MjgxNjMwNzc4ODeACgOYCwHICwGADAGwE8WgsQ3IE6uJ790D0BMA2BMK2BQB0BUBgBcB&ae=1&num=1&cid=CAASFeRofh_Godwsa9iq1dHY0yQRjrw03Q&sig=AOD64_3JbedZRjhp7Wi4rgyJIjgT7_He8g&client=ca-pub-4641608711979091&dbm_c=AKAmf-CZY5-YB3tI09Yr7NOSHzBzvYeVqj98B00h9AciST3zn38bRjKZzSDYmdN00GYsrUysXEBnVNd3iJHt9aUYS-IYD-qCODHFRZuqV4NxRuilQ_XKaoFDfnMWwvKLcIOWu0VjN9f_2BCETXbqYYKIrAwyRi9G6A&cry=1&dbm_d=AKAmf-A2EhYSeZr9l7wCfJkFu-IJjbspK45ER6mW9vgk6SyMLEvn7aFEsAkY_pGf_04z3uM05Nf4rQnseeZuXm539hn5iX7v_fzQ9pvTGgMqzFmrGFNWuYKKLS64z9EVmfBl89l7dTL71BU0-XgMQS_1E-TzcLJb0CLfQrWYGU2KC27xpH7eqQsnP5XsNotm4OWwM4c7cWfo1hLazrQfTZkWToSRcrkQOEUKVI1z30BfeqmgtKbq8Kez2fueQAlYzVVQ_BNF4yBi5UT07Ohpd_omTsumY1grL9MoPVToqOL1vpE11emPhouLFY1zQagBtl3tmFg_eV0knUjDhIuG4ROF3UEL-pcrMHC3NLMcL4w26yNLZR7kSzXllIxoAyhbHkORa6Xs4Ss6mqe72lKoa5PDkVJqjpDWOU2let5tSaw4SFl1FfXaD29p6jBc5w6HYBSVoGh8H5UIlPyLELrcwyi2CdL68kM6Nw&adurl=;js=1;adfxid=1x;1213;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0;bsdata=1&CREFURL=https%3A%2F%2Femojipedia.org

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:06 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A399 0
23 B 42ms
41ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 05:06:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dv-measurements1874.js Show response
cdn.doubleverify.com/ Frame 52FB 490 KB
89 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1874.js
Requested by: Host: emojipedia.org
URL: https://emojipedia.org/snowflake/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 9d37d1712b2be6bd01460ea30ab676c8baa512d5f1de5d608511a4403bea72dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:06 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 11:10:53 GMT
Server: Microsoft-IIS/10.0
ETag: "801ca49edadad71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91038

GET
DATA 200
OK truncated
/ Frame A399 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 835fd0ca3a6a29f357ebf653823f8560a8c42a183c2b2d5a9f57a9efc262e62b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame B48B 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58909
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 12:44:17 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 52FB 2 KB
1 KB 109ms
10ms Script
text/javascript 213.254.244.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=44&ttfrms=21&brid=3&brver=96.0.4664.45&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%60%60b%606h43_%60bb_ef6c7df66cc_de74d_g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3ETauD2767C2%3E6Tau%60%5C_%5CbgTau9E%3E%3DTau4%40%3FE2%3A%3F6C%5D9E%3E%3DU2%3F4r92%3A%3Fl9EEADTbpTauTau6%3E%40%3B%3AA65%3A2%5D%40C8Tar9EEADTbpTauTau%60%60b%606h43_%60bb_ef6c7df66cc_de74d_g%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=1&aUrlD=0&ssl=https:&dfs=1045&ddur=8&uid=1638248766425671&jsCallback=dvCallback_1638248766425888&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1874&tgjsver=1874&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=7&brh=2&sdf=2&dvp_epl=369&noc=4&ctx=13311291&cmp=9689862&sid=2641434&plc=280630144&crt=156804616&btreg=505362318&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=457392848003.27655&dvp_tukv=196688001354.02725&dvp_uuid=7314032471.81674&dvp_tuid=1635392594838
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 813e383c637f1741c36feb4213d392cb1c6591787fcdfa80a0f8e1052a226553

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 11/29/2021 5:06:06 AM

GET
H/1.1

200
OK

event.png
tps20239.doubleverify.com/ Frame 52FB
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tps20239&param=akipv6&impid=67ff984c03fd4fa0a9241d2af708f810&cbust=1638248766550600
https://tps20239.doubleverify.com/event.png?impid=67ff984c03fd4fa0a9241d2af708f810&akipv6=2a0f:9441:5:0:e9::1

67 B
322 B

37ms
7ms

Image
image/png

213.254.244.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20239.doubleverify.com/event.png?impid=67ff984c03fd4fa0a9241d2af708f810&akipv6=2a0f:9441:5:0:e9::1
Requested by: Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 213.254.244.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:06 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Cache-Control: max-age=0
Content-Length: 98
Expires: 11/29/2021 5:06:06 AM

Redirect headers

Location: https://tps20239.doubleverify.com/event.png?impid=67ff984c03fd4fa0a9241d2af708f810&akipv6=2a0f:9441:5:0:e9::1
Date: Tue, 30 Nov 2021 05:06:06 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B48B 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJngDPrGlYZuRENT_gQe3wZ_gBQAAAAA4AeAEAg&bg=!PzylPHjNAAZQLpa_UC47ACkAdvg8WuoH9976sZA9Pt97wWLBd3T_nHYuYOWSMa-HSDNJpFokzfy7zQIAAABbUgAAAAxoAQeZAsTIpXg4xzQA-VExcUexalVKFqoxkhY4PNYXRV72gMN-99H6eGTpLIbhw6j6GPTf9rszv74dVEMd0eI3YqmLNQCv8Qh5MrJevHtWo3Aa7yrb478e1pmSgGhzoah2Dl_ehms2EyKJRqiCNeNNBTXST67dbv5ZvQ7w1RPBrvpJG_8-j3G0A0cTQQe5oWFha0qrmnDYxGm_L1tXOLAGwgOyn4fgDLwj12JH9Apm7c-Nbzk0GKZTTapux7oNdSv7r2HrSfDbaMFaeqjsGE8Gc2uLjaUYHe9nK1rdxztdFjdBLgvTjmqTrv6HXZrXPd_He7OmbXWeLCtKE8lVVG78wDswvz4wcwozyQTc_nX3EO2K5UxL2pEH4Td5-bgJ7-OR1QIt6nYmRwfYzPAzu5tNMPyxlOIoxY2Q-wwXXJDYNee1x4pvBB1Rg3IbTjvac5Zea_xb_wbScckBkFyqb6bQZyL0OmmTnYQKE2phKB6vC-pvwz8e0hYn2QHLrwd4SbQtnfEEV-Z-yCJsTpfIf0-Gej-U3CslD6aaCmW0LF0VBuo9eTZ7qMOtA9X6IfRmE1OGlCLKY9V-FtYFeN_zQIhT3hPU9W7oLeLVZCcJ59dGiEZ3gNFDJI-Kvu6nGMCgrzGplRqCBfGEsJS-WaZVK4S8-Gjg955znRdfy9X8CxahHyxmYqI2hTMOG4dDd8h0fMm27L3YUvSiA0ECSqcdlCGdY3tnuDBALfhAGNxeS3sSylRZ9RlI6yJ1XNGUj_mE6GtOFILuiXGAvXOIlxF24ZRk_vXmOAPG4g4PFKvArGmarPXb3LmEYjGp2oTTId2iF7dtes60CZU_9bOKTg7oz5PoPFSw9Cf73cOk2yAPFWP6N8lYLkp-R4Xo5vn3anVWYX7m28LpjslsdaBOoolYkAKnReaGczev7jm06XRHdTRaFaDvNUNcLrc7g2c

Requested by

Host: 1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 36ms
21ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4fe001dafb230ada8a51c7c5e3f0332cbdef285496937c3af998ec336bb9ddb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 30 Nov 2021 05:06:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9404
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 2511ms
2510ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 30 Nov 2021 05:06:09 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8201 42 B
64 B 29ms
29ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthNJzMqHHNdHYmgS_t9WDalYaYXSx3Yjs52NGC_HgT1ru3wmiIHHSZzhLSdj6iMjQs_HInb7zi04SllKyB2woKBC_5DdjBfg9Q32WlFsi0odUimK2GwA&sai=AMfl-YTB0ZNY-0GeooyRZxmjglPr4UvzpTpM6_fi6UQP7rFeu5gITBY-sGhz4xQzQDHi6Y9S4BeTR3LXq0Ym632E0SNRAF76tXPMU8oqZRJwwG0Ks3eka8Rp-DSg8xDCsqY&sig=Cg0ArKJSzCd1FV_6Y0q-EAE&cid=CAASFeRoRsazHV1fG0YdYkpswMvetPPnUA&id=lidar2&mcvt=1000&p=548,975,802,1275&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=804184230&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638248765272&rpt=408&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A399 42 B
64 B 29ms
28ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1KU6EN6-Hbin547FCU6ZEdZlGJs1glFKbMm5VL52qWWoPcsrpPlgzwlNZy8pPEMk-HP1ZfY9EzME-iRFnpGyasnfTC34D&sig=Cg0ArKJSzD0edJkE6carEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=500204437&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638248765264&rpt=1095&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A399 42 B
64 B 30ms
30ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6JUP7yjI_Bk8p7KwiQ2xvS8CopNk3Fq_z_nmqjArJqIXm8ZI47qVkG3yqipJ3dkcFrGUj_vF1iOESpK7iN8hwW-1BHVBUMy3Z8LlQyfS7v4YpkbmBaw&sai=AMfl-YTSOKlct6tPsBJy5MHBnfZsXtNvVe0Y7WXUt3z3VrvJBIwPIQ6M6ze76tXqGB_Q2NZXiBC4irWxLznbCJC4FKfJnVVLQysXlMBveSGCLQ6IilD6rFu76Actya5U-1Y&sig=Cg0ArKJSzPrZaQf5S-wSEAE&cid=CAASFeRofh_Godwsa9iq1dHY0yQRjrw03Q&id=lidar2&mcvt=1001&p=143,436,237,1164&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=2220004319&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638248765264&rpt=1092&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 537A 0
0 377ms
109ms Document
text/plain 67.202.105.21
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=dVQ06ADzGr6yooaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip21.67-202-105.static.steadfastdns.net
Software: 33XP002 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-33x-status: 2000208
server: 33XP002
date: Tue, 30 Nov 2021 05:06:07 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 630B 52 KB
17 KB 37ms
6ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sun, 21 Nov 2021 04:25:13 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 30 Nov 2021 05:06:07 GMT
Age: 84601
X-Served-By: cache-lga21965-LGA, cache-fra19149-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 630207
X-Timer: S1638248768.843664,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 usersync.html Show response
ad-cdn.technoratimedia.com/html/ Frame 5B68 17 KB
6 KB 123ms
23ms Document
text/html 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_4.43.0
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mil/6C9B) /
Resource Hash: 62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 645
cache-control: max-age=900
content-type: text/html; charset=UTF-8
date: Tue, 30 Nov 2021 05:06:07 GMT
etag: "450f-5c7a90520f640"
expires: Tue, 30 Nov 2021 05:21:07 GMT
last-modified: Wed, 21 Jul 2021 21:40:33 GMT
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server: ECAcc (mil/6C9B)
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-varnish: 218484852
content-length: 5566

GET
H2

200

sync Show response
eb2.3lift.com/ Frame CDAE
Redirect Chain

https://eb2.3lift.com/sync?
https://eb2.3lift.com/sync?&ld=1

1 KB
1 KB

7ms
7ms

Document
text/html

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?&ld=1
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb4a582e5f2d8aad6574357b9b5c4c56b6be52094397a8b1ff51fbc37b40e6d5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 30 Nov 2021 05:06:07 GMT
content-type: text/html; charset=utf-8
content-length: 463
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Tue, 30 Nov 2021 05:06:07 GMT
content-length: 0
location: /sync?&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame A5E9 2 KB
1 KB 40ms
7ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Tue, 30 Nov 2021 05:06:07 GMT
Connection: keep-alive

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame E73F 0
91 B 24ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.221.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.221.0
date: Tue, 30 Nov 2021 05:06:07 GMT
content-type: text/html
content-length: 20
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 0404 0
0 16ms
12ms Document
text/plain 216.52.2.39
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=12352498
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 30 Nov 2021 05:06:07 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap7ams1

GET
H2 200 apacdex Show response
sync.quantumdex.io/usersync/ Frame CD2C 4 KB
1 KB 133ms
122ms Document
text/html 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/apacdex
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10298198b4072699d6e25951f8a8832d8fecde7ac28bce9e6dcbd3c0897ecea0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 30 Nov 2021 05:06:07 GMT
content-type: text/html
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6b618b6f09844e07-FRA
content-encoding: gzip

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E9A5 2 B
84 B 20ms
19ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1638248764265

Requested by

Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/10175.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 28
strict-transport-security: max-age=15552000

GET
H2 200 /
onetag-sys.com/usync/ 2 B
84 B 23ms
19ms Image
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-length: 28

GET
H/1.1

200
OK

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
https://pixel.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=themediagrid&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&gdpr=1&user_id=nND-L8jQrHyHhKwvndOyI5iDpy6HhfoontbZaC03

43 B
220 B

9ms
7ms

Image
image/gif

18.195.106.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&gdpr=1&user_id=nND-L8jQrHyHhKwvndOyI5iDpy6HhfoontbZaC03
Protocol: HTTP/1.1
Server: 18.195.106.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:07 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=themediagrid&gdpr=1&user_id=nND-L8jQrHyHhKwvndOyI5iDpy6HhfoontbZaC03
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame CDAE 70 B
265 B 103ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame CDAE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKZdu1inGDZ3yEdjP27pCPY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

9ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKZdu1inGDZ3yEdjP27pCPY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEKZdu1inGDZ3yEdjP27pCPY&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CDAE
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Nzk4NjY5NjY4ODEyNjk3MTE3NQ%3D%3D

170 B
188 B

21ms
20ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Nzk4NjY5NjY4ODEyNjk3MTE3NQ%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Nzk4NjY5NjY4ODEyNjk3MTE3NQ%3D%3D
date: Tue, 30 Nov 2021 05:06:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame CDAE 0
598 B 597ms
204ms Image
text/plain 2620:119:50e7:101::9002:e05
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=7986696688126971175&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e7:101::9002:e05 San Francisco, United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-lor1
content-length: 0
x-li-uuid: VzwYNZM6vBYQ3sxQPCsAAA==

GET
H2

200

xuid
eb2.3lift.com/ Frame CDAE
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/7986696688126971175?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-T_M9deNE2oRq6ED751mPeue7_el2yP6Ey_kE.zzoXg--~A&dongle=0883

37 B
352 B

17ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-T_M9deNE2oRq6ED751mPeue7_el2yP6Ey_kE.zzoXg--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Tue, 30 Nov 2021 05:06:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-T_M9deNE2oRq6ED751mPeue7_el2yP6Ey_kE.zzoXg--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame CDAE 43 B
220 B 19ms
10ms Image
image/gif 18.195.106.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=7986696688126971175&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.106.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-106-43.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:07 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame CDAE 42 B
593 B 82ms
47ms Image
image/gif 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=7986696688126971175&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:07 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 174439E1EC1E4A6CABF1F4D9FD754644 Ref B: FRAEDGE1309 Ref C: 2021-11-30T05:06:07Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame CDAE
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=7986696688126971175
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7986696688126971175&dcc=t

0
0

109ms
106ms

Image
text/html

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7986696688126971175&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: HTTP/1.1
Server: 209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: G75198TZ2JAWS0PPCBGC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7986696688126971175&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame CDAE
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

8ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame CDAE
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=3486924809240406478&dongle=d407

37 B
352 B

10ms
10ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=3486924809240406478&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=3486924809240406478&dongle=d407
pragma: no-cache
date: Tue, 30 Nov 2021 05:06:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 630B 0
731 B 36ms
29ms Script
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:07 GMT
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 95706d2b-272c-4a9d-962c-e80986277b47
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame F87A 1 KB
3 KB 42ms
17ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7163b1b99c9f77a194f3d488eddada53d0e62d1c28cf67d5d660e6bf45c2f988

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|39|230|73|188|130|191|196
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1460
Expires: Tue, 30 Nov 2021 05:06:07 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:07 GMT
Connection: keep-alive

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F87A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaWxPfsANDeNnOeCsPD43wAABKEAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaWxPfsANDeNnOeCsPD43wAABKEAAAIB&dcc=t

43 B
645 B

98ms
98ms

Image
image/gif

209.54.180.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaWxPfsANDeNnOeCsPD43wAABKEAAAIB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Server

209.54.180.3 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: NJSKR5VDHV54WMPG7F42
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 844FM5BDDV68Z9SX2WPG
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YaWxPfsANDeNnOeCsPD43wAABKEAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F87A 70 B
264 B 33ms
33ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame F87A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YaWxPfsANDeNnOeCsPD43wAABKEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENf_DsJff9lIBOc1xxfK0Fc&google_cver=1

43 B
315 B

13ms
10ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENf_DsJff9lIBOc1xxfK0Fc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Tue, 30 Nov 2021 05:06:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESENf_DsJff9lIBOc1xxfK0Fc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 YaWxPfsANDeNnOeCsPD43wAABKEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F87A 43 B
875 B 40ms
37ms Image
image/gif 2a05:d018:d29:3602:73b0:42cb:776e:1ea4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YaWxPfsANDeNnOeCsPD43wAABKEAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:73b0:42cb:776e:1ea4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H/1.1 200
OK CookieIndex
rtb.adentifi.com/ Frame F87A 0
88 B 420ms
102ms Image
text/plain 52.21.1.190
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieIndex
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.1.190 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-1-190.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame F87A 43 B
430 B 177ms
39ms Image
image/gif 52.212.206.16
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.212.206.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-206-16.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index
dmp.brand-display.com/cm/api/ Frame F87A 43 B
253 B 156ms
116ms Image
image/gif 35.241.40.233
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.40.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 233.40.241.35.bc.googleusercontent.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:08 GMT
via: 1.1 google
last-modified: Tue, 30 Nov 2021 05:06:08 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 43
expires: Tue, 30 Nov 2021 05:06:09 GMT

GET
H/1.1 200
OK us.php
gu.dyntrk.com/adx/ie/ Frame F87A 0
215 B 109ms
26ms Image
text/plain 51.178.20.140
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.20.140 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31193670.ip-51-178-20.eu
Software: proxy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
x-rc: 10
server: proxy
content-length: 0
content-type: text/plain

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame F87A 43 B
425 B 18ms
16ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YaWxPfsANDeNnOeCsPD43wAA%261185
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:06:07 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "761e21-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=2669
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 05:50:36 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame CD2C
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=416&&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dadvangelists%26uid%3D%7BPARTNER_VISITOR_ID%7D
https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-f261bb52-1de5-4293-b8cd-299a5bab54ed

43 B
95 B

124ms
124ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-f261bb52-1de5-4293-b8cd-299a5bab54ed
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b618b71cca64e07-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=advangelists&uid=av-f261bb52-1de5-4293-b8cd-299a5bab54ed
date: Tue, 30 Nov 2021 05:06:08 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame CD2C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2809746953160145200

43 B
95 B

133ms
123ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2809746953160145200
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b618b702aaf4e07-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: df355719-98df-4853-9133-9b98ccc4cea1
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=answermedia&uid=2809746953160145200
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame CD2C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2809746953160145200

43 B
106 B

129ms
120ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2809746953160145200
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b618b702ab04e07-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8c5534c1-f676-4e92-bd1d-4206bba24b97
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2809746953160145200
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame CD2C
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e6020d979062f948160f0a9d

43 B
95 B

144ms
143ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e6020d979062f948160f0a9d
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b618b709b374e07-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Date: Tue, 30 Nov 2021 05:06:08 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://sync.quantumdex.io/setuid?bidder=sovrn&uid=e6020d979062f948160f0a9d
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2

200

setuid
sync.quantumdex.io/ Frame CD2C
Redirect Chain

https://ms.quantumdex.io/user/sync/quantumdex
https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=bd628fc3-045c-44cb-b6ed-50d568292738

43 B
95 B

132ms
131ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=bd628fc3-045c-44cb-b6ed-50d568292738
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b618b70cb7d4e07-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=dsp_quantumdex&uid=bd628fc3-045c-44cb-b6ed-50d568292738
date: Tue, 30 Nov 2021 05:06:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b618b702aac4e07-FRA
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H2 204 /
s.ad.smaato.net/c/ Frame CD2C 0
239 B 48ms
9ms Image
text/plain 2600:9000:20eb:1e00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1e00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: hDhIYyjpjzKxSYn8qKztGeAUQKTBj15G-h1HniEK1t5crxZ29jKJ7g==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2 200 cs
cs.lkqd.net/ Frame CD2C 43 B
309 B 317ms
100ms Image
image/gif 146.20.128.198
RACKSPACE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.lkqd.net/cs?partnerId=758&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dlkqd-desktop%26uid%3D%24%24userId%24%24
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.20.128.198 , United States, ASN27357 (RACKSPACE, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
server: nginx
access-control-max-age: 0
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Disposition
cache-control: max-age=0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 43

GET
H2

200

setuid
sync.quantumdex.io/ Frame CD2C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ASqEDM5E2uEikgSnS_5qn1lgv7ohYhdkzjsYFTw-~A

43 B
95 B

138ms
137ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ASqEDM5E2uEikgSnS_5qn1lgv7ohYhdkzjsYFTw-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b618b70bb584e07-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-ASqEDM5E2uEikgSnS_5qn1lgv7ohYhdkzjsYFTw-~A
date: Tue, 30 Nov 2021 05:06:08 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
sync.quantumdex.io/ Frame CD2C
Redirect Chain

https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58425/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP3a3a420f-519b-11ec-8c54-022e3a216146
https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3a3a420f-519b-11ec-8c54-022e3a216146

43 B
95 B

127ms
120ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3a3a420f-519b-11ec-8c54-022e3a216146
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b618b710bd44e07-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=verizon-video&uid=UP3a3a420f-519b-11ec-8c54-022e3a216146
date: Tue, 30 Nov 2021 05:06:08 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200

1.gif
id5-sync.com/c/495/0/0/ Frame CD2C
Redirect Chain

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

43 B
1009 B

19ms
19ms

Image
image/gif

54.36.109.22
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Server

54.36.109.22 , France, ASN16276 (OVH, FR),

Reverse DNS

p09.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 30 Nov 2021 05:05:33 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

Location: https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date: Tue, 30 Nov 2021 05:05:33 GMT
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame CD2C 0
478 B 77ms
12ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame CD2C
Redirect Chain

https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c812511c-00d1-4bf0-b49c-39435382b5d6

43 B
95 B

126ms
125ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c812511c-00d1-4bf0-b49c-39435382b5d6
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b618b712bf34e07-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=c812511c-00d1-4bf0-b49c-39435382b5d6
date: Tue, 30 Nov 2021 05:06:08 GMT
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame CD2C
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=8683da4c-3e87-514e-8c6a-79dbedcfc89b

43 B
95 B

125ms
123ms

Image
image/gif

2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=8683da4c-3e87-514e-8c6a-79dbedcfc89b
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b618b722d1f4e07-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=8683da4c-3e87-514e-8c6a-79dbedcfc89b
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame B396 0
0 100ms
19ms Document
text/plain 213.19.147.45
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

server: Tengine
date: Tue, 30 Nov 2021 05:06:08 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 63B1 2 KB
3 KB 16ms
16ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5438ba6da90596108429091332502e06bacc631467f9b2389faed16e069fe781

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 46|4|88|206|57|195|196|73
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1632
Expires: Tue, 30 Nov 2021 05:06:08 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
Connection: keep-alive

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 74CA 14 KB
5 KB 97ms
20ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

last-modified: Tue, 15 Jun 2021 06:08:03 GMT
etag: "1300708-3945-5c4c7cc02bd56"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 5054
content-type: text/html; charset=UTF-8
cache-control: max-age=151557
expires: Wed, 01 Dec 2021 23:12:05 GMT
date: Tue, 30 Nov 2021 05:06:08 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK uc.html Show response
sync.go.sonobi.com/ Frame 36AC 43 B
555 B 88ms
25ms Document
text/html 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

Date: Tue, 30 Nov 2021 05:06:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, no-store, private
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma: no-cache
Tcn: Choice
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
X-Xss-Protection: 0
Content-Encoding: gzip
Server: sonobi-go

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame B5F4 2 KB
823 B 32ms
23ms Document
text/html 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/apacdex

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sync.quantumdex.io/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 63B1 0
0 72ms
14ms Image
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 63B1
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3486924809240406478

43 B
1 KB

16ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3486924809240406478
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 05:06:08 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3486924809240406478
pragma: no-cache
date: Tue, 30 Nov 2021 05:06:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 63B1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=YaWxQAAIVAXP1wAz
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YaWxQAAIVAXP1wAz&gdpr=1&_test=YaWxQAAIVAXP1wAz

43 B
1 KB

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YaWxQAAIVAXP1wAz&gdpr=1&_test=YaWxQAAIVAXP1wAz
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 05:06:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:08 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1638248768.212862,VS0,VE0
x-served-by: cache-hhn4024-HHN
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YaWxQAAIVAXP1wAz&gdpr=1&_test=YaWxQAAIVAXP1wAz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame 63B1 0
15 B 43ms
22ms Image
text/plain 18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YaWxPfsANDeNnOeCsPD43wAABKEAAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 63B1
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559721783656441

43 B
1 KB

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559721783656441
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 05:06:08 GMT

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5108559721783656441
Date: Tue, 30 Nov 2021 05:06:08 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 63B1
Redirect Chain

https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-4a7ac422-98f4-4d0a-8d47-51b270ef7a71

43 B
1 KB

12ms
12ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-4a7ac422-98f4-4d0a-8d47-51b270ef7a71
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 30 Nov 2021 05:06:08 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-4a7ac422-98f4-4d0a-8d47-51b270ef7a71
date: Tue, 30 Nov 2021 05:06:08 GMT
server: Apache-Coyote/1.1
content-length: 0

GET
H/1.1 200
OK us.php
gu.dyntrk.com/adx/ie/ Frame 63B1 0
215 B 69ms
17ms Image
text/plain 51.178.20.140
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.178.20.140 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31193670.ip-51-178-20.eu
Software: proxy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
cache-control: private, no-cache, no-store, proxy-revalidate, no-transform
x-rc: 10
server: proxy
content-length: 0
content-type: text/plain

GET
H2 200 YaWxPfsANDeNnOeCsPD43wAABKEAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 63B1 43 B
868 B 52ms
32ms Image
image/gif 2a05:d018:d29:3602:73b0:42cb:776e:1ea4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YaWxPfsANDeNnOeCsPD43wAABKEAAAIB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:73b0:42cb:776e:1ea4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2 200 setuid
sync.quantumdex.io/ Frame 63B1 43 B
95 B 141ms
121ms Image
image/gif 2606:4700:10::ac43:2ac6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=YaWxPfsANDeNnOeCsPD43wAABKEAAAIB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6b618b707b1a4e07-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 74CA 0
42 B 85ms
17ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16164407&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 30 Nov 2021 05:06:08 GMT
content-length: 0

POST
H/1.1 200
OK bsevent.gif
tps625.doubleverify.com/ Frame A399 807 B
1 KB 95ms
95ms Ping
image/gif 204.154.111.154
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps625.doubleverify.com/bsevent.gif?impid=7e5bb6980d8146d7b82574b6b8ed3e36&pltfrm=Linux%20x86_64&cbust=1638248768207738
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal100.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 204.154.111.154 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS: nycp-hlb36.doubleverify.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:07 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Access-Control-Allow-Origin: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 860
Expires: 11/29/2021 5:06:08 AM

POST
H/1.1 200
OK event.png
tps20239.doubleverify.com/ Frame 52FB 67 B
465 B 10ms
9ms Ping
image/png 213.254.244.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20239.doubleverify.com/event.png?impid=67ff984c03fd4fa0a9241d2af708f810&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=110&eoid=8&msrjs=1874&pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=8&tetms=7&msltms=22&vltms=110&sei=289&vetms=13&engms=1&engisel=1&ttfurm=2143&cbust=1638248768550206
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/29/2021 5:06:08 AM

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 630B 0
731 B 18ms
16ms Script
text/html 185.33.221.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:08 GMT
X-Proxy-Origin: 91.199.118.77; 91.199.118.77; 723.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: e140da45-d0d6-44ab-b38d-e5b10fb8fc94
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7757 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Tue, 30 Nov 2021 04:34:29 GMT
expires: Wed, 30 Nov 2022 04:34:29 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1900
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B227 783 B
536 B 33ms
17ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1b5e45022d953ed7e2b6e2fb46a9f7df609a238fe840542c9a5a96c4fc52d320

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OswNIHu75S9E3sjGekH4zQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 30 Nov 2021 05:06:09 GMT
date: Tue, 30 Nov 2021 05:06:09 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-OswNIHu75S9E3sjGekH4zQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js Show response
pagead2.googlesyndication.com/bg/ Frame 7757 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IDpL2rJiZrNY3rYqo4eIGDY6phXtx-GzYRENHMIWWlE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 29 Nov 2021 12:44:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13371
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Nov 2022 12:44:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B227 0
0 59ms
58ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=2529958347704751&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=2529958347704751&bg=!ammlaS3NAAZQLpa_UC47ACkAdvg8Wg3DXKHxwHVL6Qd7HynJWUZy2LOQdHSvTO_KTnPTMjD1ymLAvQIAAABnUgAAAAtoAQeZAnie5bCji7lvJcofiu6z4li-_CFuVHypR6yAViFXPr5JrNl_PWGCzAQR7RZxgUNF254FnNZe5iy-fLsUBr_429KB409oY6JYeQXA6gF7KlmuP7kqwkgdIzUphRQIKbXSZtu0w4l8cRLxvRbsvIn__OFZkKRp_3S_oGzSioL_ppp42g0r2Nao5Bv96IgXwGbN21vPLJahNUEROrkdmix8H--OcLqNk0pw-PH5eX5Xt1h_UEo8mAPZXBYxtgDx8f3dPBIhuepoC8Q6VJKyEYNG5QToLmh9-JqlywGthEkEG9LVZwI8Cxn17I7Ux61Uj1-Y3bJGoIxy8DFO1ziAEGFZccadm-5M7PQblU7ftOkNqYQ3Hsu8dpCMoMCNsQfnQg57D5BxGKg1sBcui4cJeFdKglAFW-KUXKJdwY8BeE-lm6Jm3bpf-pGMa-qjAcEH65qyv4afsvzZO5I4BCfsGGJtxwkndRvdp3RELj_1qj6Lg-l7-yHdMHS7BhkJE3illC74-ZcLvgANhF0SmYnkm-5ZYzhGdcc58Tx7eZK1K8xrS8LrF7Kj0sn1CTqKDj7FBr2LkkznFMaks7Oma-KMPcR9XLB-ZwInCSPsdC750lmc8-XBRsdt00AwRs7UzSj5kZ0euU-PBMRqtV-1JUZn7BZk31PHc1mqb7frHqBhT4u2CYIH85LE4SD9AX94DIp4HKtZ6rWhGj5m_JgaKlSP2-CRzsfeReOreMz4517RGeKfl76KPM-pfrx2V1i30ae_aXO9zElS3J3zfP5vDPFDvxqXyrMgNLdnYh32FQDKSMeR4hCWO3sE3R_JvMm50XTNqjou5tT_rI6F__1D0g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK event.png
tps20239.doubleverify.com/ Frame 52FB 67 B
465 B 7ms
7ms Ping
image/png 213.254.244.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20239.doubleverify.com/event.png?impid=67ff984c03fd4fa0a9241d2af708f810&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=10&ismms=32&isumms=31&isvelg=1&nvr=6&elmtp=3&isbxdms=2231&b0=100&b11=2219&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&lftb=2319&sftb=2319&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1032&isuiabvms=1032&ispmxpms=1032&engalms=30&dvp_dpr=1&cbust=1638248769549854
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1874.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 30 Nov 2021 05:06:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 11/29/2021 5:06:09 AM

POST
H2 200 /
track.adform.net/serving/unload/ Frame 7788 35 B
468 B 17ms
17ms Ping
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=5183733932966285986@@43756538,1283479666476640955,0|0|0|0|0|0|0|0|0||0|0|1538|06d83348-4023-4667-af0c-52ffcac3d75c_1|||1|0|0|7_CR8bCpc35X7EYoWZQhUX0jUKEFa-YNWxPIkl7bB3B7vlE-qfDNoMkllzAqADQrA7z_uuw_WOM1|||11|0|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 30 Nov 2021 05:06:10 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://emojipedia.org
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

175 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-20 01:13:44	Name: sync Value: CgoIgQIQ58Lx-dYvCgoI4gEQ58Lx-dYvCgoI5gEQ58Lx-dYvCgoIhwIQ58Lx-dYvCgkICRDnwvH51i8KCQg6EOfC8fnWLwoJCAsQ58Lx-dYvCgoIjAIQ58Lx-dYvCgoIzgEQ58Lx-dYvCgkIXxDnwvH51i8=
.emojipedia.org/	1970-01-20 16:35:20	Name: _ga Value: GA1.2.2147064578.1638248764
.emojipedia.org/	1970-01-19 23:05:35	Name: _gid Value: GA1.2.64249564.1638248764
.emojipedia.org/	1970-01-19 23:04:08	Name: _gat Value: 1
.emojipedia.org/	1970-01-20 07:49:44	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Nov+30+2021+05%3A06%3A04+GMT%2B0000+(GMT)&version=6.23.0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Femojipedia.org%2Fsnowflake%2F&groups=C0005%3A0%2CC0004%3A0%2CC0003%3A0%2CC0002%3A0%2CC0001%3A1
.adnxs.com/	1970-01-20 01:13:44	Name: icu Value: ChgIsPpEEAoYASABKAEwvOKWjQY4AUABSAEQvOKWjQYYAA..
.adnxs.com/	1970-01-20 01:13:44	Name: uuid2 Value: 2809746953160145200
emojipedia.org/	1970-01-20 01:13:44	Name: waldo_country Value: DE
emojipedia.org/	1970-01-20 01:13:44	Name: waldo_continent Value: EU
emojipedia.org/	1970-01-20 01:13:44	Name: waldo_region Value: 05
prebid.a-mo.net/	1970-01-20 07:49:44	Name: __amc Value: 1_1638248764_1638248764
.a-mo.net/	1970-01-20 07:49:44	Name: amuid2 Value: 5ed1fe13-b1c9-41d7-90d5-3709979ad9eb
.quantumdex.io/	1970-01-19 23:32:56	Name: uid Value: e7ab54f7-60b7-4283-b31b-55dd8a21c8c9
.technoratimedia.com/	1970-01-21 18:52:08	Name: tads_uid Value: GDPR
.emojipedia.org/	1970-01-20 08:25:44	Name: __gads Value: ID=4052b8e8630c6e67-2234a4cb16cc0091:T=1638248764:S=ALNI_MZN93cCIgaEdyBl2LRSmYC7esanlA
.doubleclick.net/	1970-01-20 08:25:44	Name: IDE Value: AHWqTUmDgfW8b-FtXcS6ZF6T_4tktSojyq0xZS7IsPuHEao8iUSrSTdKFHYOjXvzc2s
.adform.net/	1970-01-19 23:47:20	Name: C Value: 1
m.exactag.com/	1970-01-20 01:13:44	Name: exactag_new_gk Value: 29452ded79dd4c75bad55836e1b559e2%7c29.01.2022+05%3a06%3a05
m.exactag.com/	1970-01-20 03:23:20	Name: exactag_new_uk Value: 0e0d8864ae7340b29ded99e0e77ad463%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 15aee8066b3a48a5a98151cd
.casalemedia.com/	1970-01-20 01:13:44	Name: CMPS Value: 5228
.casalemedia.com/	1970-01-20 07:49:44	Name: CMID Value: YaWxPfsANDeNnOeCsPD43wAA
.casalemedia.com/	1970-01-20 01:13:44	Name: CMPRO Value: 1185
.adnxs.com/	1970-01-20 01:13:44	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In=fT)h_!]tbPl1M>e)ZlrFUfJ+tGXxoTD<cR)<y+k.?QkGSF^dDQ/Cr'^NF!gixF`rbpRzqF1`b`Fy*6kk_
.adform.net/	1970-01-20 00:30:32	Name: uid Value: 5183733932966285986
.adform.net/	1970-01-19 23:14:13	Name: TPC Value: 1638248765702
.doubleclick.net/	1970-01-19 23:04:12	Name: DSID Value: NO_DATA
.redintelligence.net/	1970-01-20 01:13:44	Name: 8lcfmzhxc8d6_uid Value: 8421dc04eb648fe1
.3lift.com/	1970-01-20 01:13:44	Name: tluid Value: 7986696688126971175
.bidswitch.net/	1970-01-20 07:49:44	Name: tuuid Value: 3fd3cf6f-4b98-4bd1-b8c6-39dfec042825
.bidswitch.net/	1970-01-20 07:49:44	Name: c Value: 1638248767
.bidswitch.net/	1970-01-20 07:49:44	Name: tuuid_lu Value: 1638248767
.quantserve.com/	1970-01-20 01:13:44	Name: d Value: ECABDQHsJP7KwQA
.quantserve.com/	1970-01-20 08:34:23	Name: mc Value: 61a5b13f-e3572-92b84-de247
.turn.com/	1970-01-20 03:23:20	Name: uid Value: 3486924809240406478
.bing.com/	1970-01-20 08:25:44	Name: MUID Value: 326CC0482B9168980CCED0B72A4369BD
.lijit.com/	1970-01-20 07:49:44	Name: ljt_reader Value: e6020d979062f948160f0a9d
.casalemedia.com/	1970-01-19 23:05:35	Name: CMST Value: YaWxPWGlsUAA
.advertising.com/	1970-01-20 07:51:11	Name: APID Value: UP3a3a420f-519b-11ec-8c54-022e3a216146
.yahoo.com/	1970-01-20 07:50:06	Name: A3 Value: d=AQABBECxpWECEHjksTnymrwbmyp77QsvgGcFEgEBAQECp2GvYQAAAAAA_eMAAA&S=AQAAAva4nmrda0o8GFh7QWND0c0
.id5-sync.com/	1970-01-19 23:04:09	Name: cf Value:
.id5-sync.com/	1970-01-19 23:04:09	Name: cip Value:
.id5-sync.com/	1970-01-19 23:04:09	Name: cnac Value:
.id5-sync.com/	1970-01-19 23:04:09	Name: car Value:
.id5-sync.com/	1970-01-19 23:04:09	Name: gdpr Value:
.id5-sync.com/	1970-01-19 23:04:09	Name: id5 Value: c131587f-e36b-484d-9bc8-da8b6342bd7c#1638248733928#1
ms.quantumdex.io/	1970-01-23 14:40:08	Name: qdsp_uid Value: bd628fc3-045c-44cb-b6ed-50d568292738
.id5-sync.com/	1970-01-19 23:04:09	Name: callback Value:
.analytics.yahoo.com/	1970-01-20 07:51:11	Name: IDSYNC Value: "192w~21th:192x~21th"
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP3a3a420f-519b-11ec-8c54-022e3a216146
.yahoo.com/	1970-01-19 23:05:35	Name: APIDTS Value: 1638248768
.ads.pubmatic.com/	1970-01-19 23:05:35	Name: KCCH Value: YES
.sharethrough.com/	1970-01-20 07:49:44	Name: stx_user_id Value: c812511c-00d1-4bf0-b49c-39435382b5d6
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjS3MDYzNTMxMRTiM9R1DjcIKXCNSM828kwGAFLvI_AlAAAA
.rfihub.com/	1970-01-20 08:25:44	Name: eud Value: H4sIAAAAAAAAAPvFyGtoZmxhZGJhbmZhaGYJAPkuOBUQAAAA
.rfihub.com/	1970-01-20 08:25:44	Name: rud Value: H4sIAAAAAAAAAOMSNjU0sDA1tTQ3MjS3MDYzNTMxMRTiM9R1DjcIKXCNSM828kyW4jU0M7YwMrEwN7MwNLMEAIrz8vY0AAAA
.everesttech.net/	1970-01-20 07:49:44	Name: everest_g_v2 Value: g_surferid~YaWxQAAIVAXP1wAz
.betweendigital.com/	1970-01-20 07:49:44	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 07:49:44	Name: tuuid Value: 8683da4c-3e87-514e-8c6a-79dbedcfc89b
.betweendigital.com/	1970-01-20 07:49:44	Name: ss Value: 1
.casalemedia.com/	1970-01-20 07:49:44	Name: CMRUM3 Value: f161a5b13f05a0&3961a5b14027605108559721783656441&bf61a5b13f05a0&c361a5b1402760av-4a7ac422-98f4-4d0a-8d47-51b270ef7a71&ce61a5b14005a0&bc61a5b13f05a00&2761a5b13f0b40&5861a5b1402760YaWxQAAIVAXP1wAz&4961a5b14005a0&0461a5b14027603486924809240406478&2e61a5b14005a0&8261a5b13fa8c0&e661a5b13f2760&2d61a5b13d2760CAESEOn4ilLKKuEtAgJbgZkA9uo&c461a5b14005a0
.betweendigital.com/	1970-01-20 07:49:44	Name: ut Value: YaWxQAAE0mCEfYlTShg9ZoL_gd-BvO8hI_C3ww==
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:36:02	Name: bcookie Value: "v=2&36b9b6b2-52bc-4197-8644-708945c87f3c"
.linkedin.com/	1970-01-20 16:21:39	Name: li_gc Value: MTswOzE2MzgyNDg3Njg7MjswMjFTsARlsWyFipl0hD9wxW4rNh9pAKGai+MMVjyl600k1Q==
.linkedin.com/	1970-01-19 23:05:35	Name: lidc Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2598:u=1:x=1:i=1638248768:t=1638335168:v=2:sig=AQGM-gd3QWT_V6ITncrFWBcQg8BuQFBd"

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.
security	error	URL: https://1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Message: Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=55644288&extPm=55644288&extCr=389359233&rnd=1638248764875750' because its MIME type ('image/gif') is not executable.
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1131e9cb0133067e4f57ee44056fc508.safeframe.googlesyndication.com
a3173.casalemedia.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.doubleclick.net
ad.turn.com
ads.betweendigital.com
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
ajax.googleapis.com
ap.lijit.com
b1sync.zemanta.com
btlr.sharethrough.com
c.amazon-adsystem.com
c.bing.com
cdn.ampproject.org
cdn.contentspread.net
cdn.cookielaw.org
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.thisiswaldo.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
cs.lkqd.net
dmp.brand-display.com
dsum-sec.casalemedia.com
eb2.3lift.com
emojipedia-us.s3.amazonaws.com
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com
emojipedia.org
exchange.postrelease.com
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
hal9000.redintelligence.net
hal90004.redintelligence.net
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
ipfind.co
js-sec.indexww.com
m.exactag.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mp.4dex.io
ms.quantumdex.io
nep.advangelists.com
newor.technoratimedia.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.ad.smaato.net
protected-by.clarium.io
px.ads.linkedin.com
rtb.adentifi.com
rtb0.doubleverify.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
s1.adform.net
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
ssc-cms.33across.com
ssc.33across.com
ssl.gstatic.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.quantumdex.io
sync.teads.tv
the-eighth-d.openx.net
thisiswaldo.com
tlx.3lift.com
tpc.googlesyndication.com
tps.doubleverify.com
tps20239.doubleverify.com
tps625.doubleverify.com
track.adform.net
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
www.google-analytics.com
www.google.com
www.googletagservices.com
x.bidswitch.net
104.111.242.245
13.224.198.4
13.248.245.213
138.201.63.116
138.201.63.157
142.250.185.66
142.250.186.98
146.20.128.198
147.75.38.124
151.101.1.194
151.101.129.108
151.101.66.49
152.199.22.191
172.217.16.134
178.162.133.149
18.156.0.31
18.159.156.184
18.195.106.43
18.196.163.95
184.31.84.150
185.170.61.74
185.33.221.87
185.64.190.78
193.0.160.128
193.122.174.27
2.18.233.180
2.18.234.21
2001:678:cb4:bbbb::11
204.154.111.154
209.54.180.3
213.19.147.45
213.202.235.9
213.254.244.19
216.52.2.39
23.111.200.118
2600:1fa0:c040:301:34db:792a::
2600:9000:20eb:1e00:1b:5138:8a40:93a1
2600:9000:20eb:ac00:f:458e:2a80:93a1
2606:4700:10::6814:b944
2606:4700:10::6816:3999
2606:4700:10::ac43:2ac6
2606:4700:20::681a:9a9
2606:4700::6810:5914
2606:4700::6810:9540
2606:4700::6812:272
2620:116:800d:21:ee05:6a01:4b41:8c89
2620:119:50e7:101::9002:e05
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9d
2a02:26f0:6c00:2b2::4469
2a05:d018:d29:3602:73b0:42cb:776e:1ea4
3.208.105.70
34.149.20.76
35.157.240.53
35.241.40.233
35.244.159.8
35.71.131.137
37.157.2.234
37.157.6.235
51.178.20.140
51.89.9.252
52.15.219.226
52.21.1.190
52.212.155.9
52.212.206.16
52.219.112.35
52.28.9.10
52.29.166.103
52.59.85.35
54.145.87.156
54.153.127.51
54.36.109.22
54.77.232.22
64.74.236.127
67.202.105.21
85.114.131.235
0275a238773358a8b942e94bc90a30adcf06b88d72b6f460b6048302b974544c
02dd43b7c0fcc3b81c9ee059b33f03fd69b7327cdfbc6659d5ee9e3756a5d473
03ccd8b65116c746a7215db95a9391750c464fcf6031b2ebf05d16f97cb8339a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0858cbeb62ffce2e64e3e8571ce544e582ff761deb2ac556943b1ef1b85d1e3d
08715daa5b0cbf417518e3cd112d0b0e827956db3669194e4cec01b8a38ef114
0af4ecd015f372fb7d62da3dcdd120561638e96a2ab453f8bc2974e88834ca1a
0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10298198b4072699d6e25951f8a8832d8fecde7ac28bce9e6dcbd3c0897ecea0
110689a100eb436859899fddb8aa6798c9cbb988ebcfde9bb30accf1784f9964
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13359606f3db6d8aee66e033877a8c615d74ba56ffb740cdf6b69239dee2dff2
17da1c1d7c98c85f033772ed3e35bb39f50f6f31592e936269d4c52c046fdeb6
1b5e45022d953ed7e2b6e2fb46a9f7df609a238fe840542c9a5a96c4fc52d320
1d0c08b23ea9d197127089562fbfdf4b9278780e63f58fb5660becc1dc17452f
1eaec5cb8211c47d4eccd1bc231f51e6e49f7d4881363b7a553e9a6a05369fc0
203a4bdab26266b358deb62aa3878818363aa615edc7e1b361110d1cc2165a51
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
231ca1f9d7efc1b77f0a4c1a03d0234b45f93d6c4f356f5f725588c4f87c71d7
23ef33989f2db4e8afde93e57b1534aeca826f6c70e794a9d7a418fea9a58614
2c125e6a12e3dd1d1d1aec93292e90fb3c28f36646a954402702b1d9c25175b1
2c2210f87e564b9f117ad40e2cb2f666828d11dbb947bc4304e368b9d5e247ee
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
3209df43d7203dae3c00d8c2a3c7ae9cc011f5aa5bdb52c4f9743b2ac34e0bee
323fa7e9ccc16d83b6652f08bef430009f1c08cdd4f2cc3eb0f13846f458db61
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3822f9ca7e1e656b0e36d6ebe9c7546f24e5684422eb23bd9427abcb45dfede0
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
4170cff538133709c665ee3e751fe7bd0b77eef4ecb91a61aef8648542900e43
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44216edbcf372158d065f2c7062712c9c829648c355066e7cd14242843005d81
456d9df6b2a652d0f54f0287bb107b94d4c276b15edb9b97daca5b26c2fd9efc
47c9fb3880fe502e58e3bc54c9f449be5c4a578bcffe20771b8f1c410c17791b
482b50f17b31e6061a4b1fc13f40717cc6e16bf6d672f6e6ba597597b9b8c90b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49a070133915e05e9b7723d25d8f07b12dda78f7d89c5334176329b5dc8019a6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4db6d94b9cfcd5913a62e06536ac9bc9f9f3fe268d6a1123bac424d1636001e6
4dbd7d63a7c8adc02847f5ecba558c5df122eb556ec67a805f2c952a1bd340e0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1e3534cd3dc977db196bf47b9c20924218aa39a5db8181261b4429f40b56bb
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5438ba6da90596108429091332502e06bacc631467f9b2389faed16e069fe781
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56339af04b2b4fd9ae092f869e91f8d624f84377c345344cd54cacf93a970a02
59415c8f1106151e421f5a3e46e8f8aca679ea9cefba5eb1d386ca0381d48c18
5a425454177f6fdca164c06f0d1bce077b9041d9f72211d49cbbbbb1161103cd
5e9a70c1372cab641b03883ea1736353f67d78e9f66327dddaeccc2915d8c8a1
5f00334571171586b742a56d1164fcffd76dd65cc062895a5bcdc8c8344b4fb9
6019bb04380b572778cd3a034fe26f978c700a5208f99e453d4448d4ac632814
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e
64264a0f605d452d0d477f591d24c99d088a8466d94d1f22f0659404afec56fa
65c875bd0ff890707d3dbe19a1cc23933d3617251ff888e64d5aed08f466903a
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69760e762ad4441a93cbbe63240f71fe753a6582764345ba57705afcb8daf4e1
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70464da52145750387cd7735eb9929739076af4bc4822ad288e54e6db7434a8c
706004a270f0e8631b26bf97d61c2c19d8b3c1787f597bb0086d108bd59c0606
7163b1b99c9f77a194f3d488eddada53d0e62d1c28cf67d5d660e6bf45c2f988
72562f00bd821b6edc0368065bf009468955ba01f8ead742d8bbc2470c4358c4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76113ac94f00eb22208a1a3f652571398c38f43339e11f765965ae50b8cf4614
77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9
789a0d85e03cd24e8a827ce2e1ac5d057490c2f017a8660f2cea3811b5770e90
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
813e383c637f1741c36feb4213d392cb1c6591787fcdfa80a0f8e1052a226553
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835fd0ca3a6a29f357ebf653823f8560a8c42a183c2b2d5a9f57a9efc262e62b
8854752a74f17180183321d2dba6179fda1d37cd626d436d2236dfb797e57fb8
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b94cbe5296254e6bc2199c7099b21f9308583e421f3b5204166eb9bbf19cc58
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9abfc9328e218180b72ce226fff1fd439a5628036e73f4bff88de5e291b8d1ef
9d37d1712b2be6bd01460ea30ab676c8baa512d5f1de5d608511a4403bea72dc
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d5c34e467b28678e5991174197c0ed1391df1e2d9ba260b4492849c6bcad05
a2b07b414cac5d8d707128c72fe7957eb64f1b720c52c233416657d0492ec261
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae4bf1d0558a5f9631f100b99199f6150d216f0fe1b065b3f0043b0fedc2a319
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25210b8b84a1dec7cfe77730c09c3955cbbbc91dd9cbdc6cc1a38055dd4b616
b8169f9a8ce88dad8ec1660b286c499a86fa86fa0c8d60c4080fdae0c7b48122
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4a582e5f2d8aad6574357b9b5c4c56b6be52094397a8b1ff51fbc37b40e6d5
bb9a44f137be88104b65f4661eda56026d8b0b6051f5223daf9522bd6a18448a
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bfa711f0ab2f9d0cded2d504c4a3e255a678a35a31dca04bcfec185ab957b3a6
bfc3c7103c2808e1d72a105b4761db121bb3caa62b3421e81eeca0115a31f807
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3ab98a11303695462aaa63309ffa207915c6ec8c6f514c6193cfa57c6796d8d
c4257c93a6261660aceb5720da447af3c9fce0a1fa599169fb6e757c65d926cd
c45a7b49c14477cd160a83d4ee1fb8c311e12314e042d0647c68bec62f16fe29
ce763c8929720540f8cacb2b8a29fbc2bf49bf4e9b2553c31e0037fd3e211ffe
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d31e7e3989fbaafa1e9b34044d03053a722a86339a24062c59de1f72be690c1e
d6e837a17a46511b553ab9e447be592e5acc02fd1f9f1c88d3177b3cd33fe10b
d70e765fe585e6871cfaca7a2c57f125237f49d7962252d47284f42b2ac582f1
d9e39594b375e5d5b826c69418e4f3be612f7eaa57f3535fe9bebb1e4cfff0ee
da520c3b1a42f2e97fa7c0ccc98a4b092e340588837580564bd3427f2f9249ef
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
e03239557e46aeafe7874eb1be37a3a99be9bcea593843aef24937d78721c432
e1149bb34b5c0050aa59dcbd2ae64a4ba7ad73b856bae306808dc2cface0fe67
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4016c42f03af6b58cdaeba85a83ad2da7af4c10c3db8ecb0b0feefc5a43ebaa
e4a78c932df5b46299f35a500b0a4442cf78c9f78143a250940f024e054d2035
e4fe001dafb230ada8a51c7c5e3f0332cbdef285496937c3af998ec336bb9ddb
e681ee3094058ec06bd8672e67d06a5335f6a95457cf9dbb0a233cb1704a21f5
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb46e2bf6f3a85b6f6adb3f66299403bb2e9adc528dd01fccc1f2bdcc05d78d1
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ef0d47f1af5311e6146277dab2fa8c51c84e11f116e593d6f082f55578a264a8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02ab747a19ec7995eabf99531baa365d71a096a39013d02fa815dc7ca4dff92
f3be6ad457ba5d4425f4d105688e9cf5a32595ff156bd290c8ccbe0e6ca3a68a
f4622e3caa827364659587b6b69c5eb291de91a18b7b82eeed7f8ab51e79edad
f503b1dd1bbdba3ecf7bbf5514831140ecbfd507eba4c8d52b77142c85028dc4
f5dbc71d94fb883082b19f42a08fc974ddf73157bf987f79bccfffdfafcd7ce9
f93d6aac2996165254aceb217fd491b77cb5da8667b7bc90ba9f47242c98b91a
fa08dbbcc830489ed672dcdbf6e17e4b2e90ab3ba1c02ff55b0fe904b7ad06d0
fcbbdcc015667b762e101490459aa83adf24d710f07e5c3fc6fc2be9ae4b4178

emojipedia.org Open in urlscan Pro 2606:4700:10::6816:3999 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

265 Requests

86 %HTTPS

32 %IPv6

63 Domains

98 Subdomains

79 IPs

10 Countries

2619 kBTransfer

5908 kBSize

66 Cookies

25 Outgoing links

Page URL History

Redirected requests

265 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

emojipedia.org Open in urlscan Pro
2606:4700:10::6816:3999 Public Scan

Screenshot
Live screenshot

Full Image

265
Requests

86 %
HTTPS

32 %
IPv6

63
Domains

98
Subdomains

79
IPs

10
Countries

2619 kB
Transfer

5908 kB
Size

66
Cookies

265 HTTP transactions
7 data transactions