Submitted URL: https://api.waldo.fyi/v1/track?utm_source=apollo&utm_medium=email&utm_campaign=core1exp8&redirect=https://start.waldo....
Effective URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Submission: On June 17 via api from US — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 31 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is start.waldo.fyi.
TLS certificate: Issued by R3 on June 2nd 2022. Valid for: 3 months.
This is the only time start.waldo.fyi was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
16 cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
55 KB
5 gstatic.com
fonts.gstatic.com
123 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 18011
36 KB
2 waldo.fyi
api.waldo.fyi
start.waldo.fyi
9 KB
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 25044
245 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
31 8
Domain Requested by
14 d9hhrg4mnvzow.cloudfront.net start.waldo.fyi
5 fonts.gstatic.com fonts.googleapis.com
3 www.google-analytics.com start.waldo.fyi
www.google-analytics.com
2 d34qb8suadcc4g.cloudfront.net start.waldo.fyi
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com start.waldo.fyi
1 events.ub-analytics.com start.waldo.fyi
1 fonts.googleapis.com builder-assets.unbounce.com
1 www.googletagmanager.com start.waldo.fyi
1 start.waldo.fyi
1 api.waldo.fyi 1 redirects
31 10

This site contains no links.

Subject Issuer Validity Valid
start.waldo.fyi
R3
2022-06-02 -
2022-08-31
3 months crt.sh
*.unbounce.com
Amazon
2022-02-08 -
2023-03-09
a year crt.sh
*.cloudfront.net
Amazon
2022-02-01 -
2023-01-31
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh
*.ub-analytics.com
Amazon
2022-04-10 -
2023-05-09
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-05-30 -
2022-08-22
3 months crt.sh

This page contains 1 frames:

Primary Page: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Frame ID: 2774CE79B39AED53E712EFD36C6BFD00
Requests: 32 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://api.waldo.fyi/v1/track?utm_source=apollo&utm_medium=email&utm_campaign=core1exp8&redirect=... HTTP 302
    https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

31
Requests

97 %
HTTPS

50 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

244 kB
Transfer

475 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://api.waldo.fyi/v1/track?utm_source=apollo&utm_medium=email&utm_campaign=core1exp8&redirect=https://start.waldo.fyi/research_lp/&version=3&skipQuestions=true HTTP 302
    https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
start.waldo.fyi/research_lp/
Redirect Chain
  • https://api.waldo.fyi/v1/track?utm_source=apollo&utm_medium=email&utm_campaign=core1exp8&redirect=https://start.waldo.fyi/research_lp/&version=3&skipQuestions=true
  • https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
53 KB
8 KB
Document
General
Full URL
https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a006d41dac1ed718aa40ce05a8a6fe8e3c280410078fc358c4d9c54dde09a609

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

connection
close
content-encoding
gzip
content-location
https://start.waldo.fyi/research_lp/
content-type
text/html; charset=UTF-8
date
Fri, 17 Jun 2022 14:32:11 GMT
etag
"a:f805a1e3c4871432d1e696d14423d2d6"
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
link
<https://start.waldo.fyi/research_lp/>; rel="canonical"
p3p
CP="This is not a privacy policy."
transfer-encoding
chunked
x-proxy-backend
page-server
x-unbounce-pageid
5003cbd5-ae82-440e-beef-2c894a2b1c54
x-unbounce-variant
a
x-unbounce-visitorid
ed55d2db-195b-4319-8920-126a91c11493

Redirect headers

content-length
2
content-type
application/json; charset=utf-8
date
Fri, 17 Jun 2022 14:32:10 GMT
location
https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
vary
Origin
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
x-amz-apigw-id
T3uAnHgPiYcF6CA=
x-amz-cf-id
W_Sn-DI5qnigfA2BiTahfxC48030VXn-E6c8IjGjVLkacZ_BUlqcUw==
x-amz-cf-pop
FRA50-C1
x-amzn-remapped-content-length
2
x-amzn-requestid
9a92d2b7-0294-4acd-8bf8-68b30b38bb50
x-amzn-trace-id
Root=1-62ac906a-016987452b9ba20934076a14;Sampled=0
x-cache
Miss from cloudfront
main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.173.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-173-96.lhr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 25 May 2022 00:40:23 GMT
content-encoding
gzip
last-modified
Wed, 11 May 2022 15:25:12 GMT
server
AmazonS3
age
2037109
etag
"8a6914b8829d3f926055f689771fe755"
x-cache
Hit from cloudfront
x-amz-version-id
KMvcis7.L0zEYzi_9UIlTjJ2K9lUXHro
via
1.1 1e14debf40c7c0d32192ed8ad517da20.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR52-C1
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
VxvrwLGHt8nMODYQWXUU1UIbwI5Xl4sOGWL-bpAu_pc20Ij4GsxEcg==
ub.js
d34qb8suadcc4g.cloudfront.net/
5 KB
2 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
bKC28ufbc849z_LglraHgQe9TbPw1SIU
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:15:08 GMT
server
AmazonS3
age
3938014
etag
"f6420c864830b5860bfaadd47a2bb21b"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
cache-control
max-age=31536000
date
Tue, 03 May 2022 00:38:38 GMT
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-length
1856
x-amz-cf-id
XK95riBZg2GUbpF7TezE3dX1qdPjgjuYXyiLBn3h9upkepTPuPJHeA==
main.bundle-7a80b17.z.js
builder-assets.unbounce.com/published-js/
103 KB
33 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.173.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-173-96.lhr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a80b17346ad96acb74876b1c792e1706cdfdb5e17ce3bc028ee6e832bdfd962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 11 May 2022 15:49:40 GMT
content-encoding
gzip
last-modified
Wed, 11 May 2022 15:25:07 GMT
server
AmazonS3
age
3192152
etag
"115451db447a15fd94ca1eec82178c7c"
x-cache
Hit from cloudfront
x-amz-version-id
hO9WFSZalI7CFVogzNPJaI4zzDMeqqnQ
via
1.1 1e14debf40c7c0d32192ed8ad517da20.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
LHR52-C1
accept-ranges
bytes
content-type
application/javascript
content-length
33491
x-amz-cf-id
0RpzEdr8DXEFm62lyYJCHfdLDRux8kFDoIqIttReEc4qeWbuhCeXMw==
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
5242
date
Fri, 17 Jun 2022 13:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 17 Jun 2022 15:04:49 GMT
gtm.js
www.googletagmanager.com/
0
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=%20GTM-PNTWHJZ
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type
image/gif
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/
98 KB
30 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4000:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 05 Mar 2022 17:27:36 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
8975076
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P2
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
x3VWqhQ3wMZgNjsTokJZfHF4ksbuZv8MrJEEdDx7pbNRkfw8hzid7A==
3cd8b405-fe27-4170-9f77-e985692079e3
https://start.waldo.fyi/
5 KB
0
Stylesheet
General
Full URL
blob:https://start.waldo.fyi/3cd8b405-fe27-4170-9f77-e985692079e3
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CSource+Sans+Pro:italic%7CArvo:italic%7CLato:regular
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b0dc857f0259e4e969a66ab301a52d36c92258475fe98fb28a23783273b7a5de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Jun 2022 14:32:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 17 Jun 2022 14:32:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Jun 2022 14:32:11 GMT
888cd57a-waldo-logo-white_103v010000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
1 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/888cd57a-waldo-logo-white_103v010000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f39775f1f32e83311ed940e1607da40b095fafa65d2f1929721f1aac301f6f4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:38:47 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
server
AmazonS3
age
215604
etag
"72a11ad5edc2ad213086494336773faf"
x-cache
Hit from cloudfront
x-amz-version-id
Hbb2RakkfH5xmTdhslc1d4QrcLNHgA4W
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
1465
x-amz-cf-id
khGiNlTi5RSlIUvK8E8ty0worF2aiAO74LK6yH1y5Ml5d5OmTfK2Ng==
0196f7f9-waldo-logo_103400t000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
1022 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/0196f7f9-waldo-logo_103400t000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
64bdfcb0abd313c0a947a3987c8c50f7e594d7282fb3c952109265eafe9593b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:38:47 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
server
AmazonS3
age
215604
etag
"9d9e235e2d7d9cca33b359941bf9140c"
x-cache
Hit from cloudfront
x-amz-version-id
nd.MfBg3oAxCd5QY93LP1LNZNQzoqzTS
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
1022
x-amz-cf-id
rvOJm-gX-Mo9vW30E_vBDQuEmAkQiaLwtGYQNUjYDjzC_gBLHRXSjA==
123ece73-folder_1018018000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
506 B
899 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/123ece73-folder_1018018000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e15876ba9db6c73c94088a22315b26d5384dc93b6db9966647c2c003e8ca1ab3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:38:47 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
server
AmazonS3
age
215604
etag
"b6b9ebe4f01dc5272cfae5618dd0ee75"
x-cache
Hit from cloudfront
x-amz-version-id
x.k3U.C5yeZMPBxRMDuu0BR7WkWKTJeE
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
506
x-amz-cf-id
0LNjE9DR7ArHP2NDEeQ7MCP9A7WLx6xZ7E-ImbwFiIMTmFFUk6WekQ==
8163fd25-love_1012012000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
584 B
975 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/8163fd25-love_1012012000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
92ec3a9b5d9bc2a8fb8abd04f3316261acf0f3f717f05dc63bc095f91eb8b095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:38:47 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
server
AmazonS3
age
215605
etag
"ce4d16a0a075094dcd6e98ba04a0cf1b"
x-cache
Hit from cloudfront
x-amz-version-id
TAjVqaC8TAJiUv2L_eJf6doLxZcdXkAk
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
584
x-amz-cf-id
9V9PyZr_sR0pwz2ami0lHTpyMONTOQzAeVVn1NaxOFK9ZME5m9TyEQ==
5b90f216-textio_102l01d000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
866 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/5b90f216-textio_102l01d000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
25003de693aabb38f4bd8c293f4d515420ee4b711763712e76add0778c4b3c6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:38:47 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
server
AmazonS3
age
215605
etag
"7b2838c0b9f1f0ce43649926389b7fce"
x-cache
Hit from cloudfront
x-amz-version-id
54N5ELOQ3hMfda7.R4FvHfpuG7w4fRyS
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
866
x-amz-cf-id
yMQNDnE5caf09MSbtaCRKjFlWnNFFgR8EG_X_tKENeZ-QD3Kd8wnwA==
5e58a377-cox_108304807b04800g000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
3 KB
3 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/5e58a377-cox_108304807b04800g000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eea5e230d98e10967645cd286805c194fec3a750c7ec9c3c202307f4297f5123

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:38:47 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
server
AmazonS3
age
215605
etag
"5a5a696336f254b042417d4921041d12"
x-cache
Hit from cloudfront
x-amz-version-id
jJMcRpy2_TeYbFp6pQ9_TbiIXLi_Q4Zy
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
3097
x-amz-cf-id
21dJKpPnj8MzQNlC7a5SoVjDrIeHcLCQ8FQrqaB2T6XX-gZhuQPp-g==
5c522ac2-mck_108a02j000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
4 KB
5 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/5c522ac2-mck_108a02j000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c621805198fcdf1fd712edb9671483c42459819342e947824b8d21cd49617d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:38:47 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
server
AmazonS3
age
215604
etag
"d80c807056603814a65e113faeb7bc5b"
x-cache
Hit from cloudfront
x-amz-version-id
.CzUuPLjfGHYYKZ47JTFEKcR0xXs8skn
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
4431
x-amz-cf-id
XuPmYECdkixeHZDAkPGBF2mG37pGS-HNG8_G8_s-2yx2CrSEqz_iXg==
ab0a0b80-arrow_1018018000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
434 B
825 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/ab0a0b80-arrow_1018018000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcfd437feb73f0c7109ae8227967e93e639c8f7b740e25bc384e2b2bc01b8f13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:38:47 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
server
AmazonS3
age
215604
etag
"2a1b0a29eb7be01c723b6542e036b2eb"
x-cache
Hit from cloudfront
x-amz-version-id
4k15EZyH2Jx6BY1DoacxowiguvycSFJj
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
434
x-amz-cf-id
2VLnnyoVHkyI_iHNNjUTkeHbmaX8_ec4TgIN6wPJxVnsgYfhC-JypA==
ecaf6d7c-idea_1013013000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
550 B
942 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/ecaf6d7c-idea_1013013000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a5ccbcfde82540dd50d800f4565fc2e27e9bdd271cf5526bfa445924a11cb9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:38:47 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
server
AmazonS3
age
215604
etag
"a1ba14487783e14cecef223241c27f73"
x-cache
Hit from cloudfront
x-amz-version-id
bvJbpokwYjLUmwNiAsYWH03ack9434Qd
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
550
x-amz-cf-id
rrvbpVvIuliMOYIX7-p3WwVHXfuQuZyZYr3O1dBvUye7M_FI5VoSIA==
7234cff4-meta-logo_102b00v000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
786 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/7234cff4-meta-logo_102b00v000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aec83331dda135def59bbdaad81a815bfb0b46e2f96c41af7886322a73c209e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:38:47 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
server
AmazonS3
age
215604
etag
"ba153e420f6ef64bbf903a74fd7083d5"
x-cache
Hit from cloudfront
x-amz-version-id
42E92Tv4FXN_7e31geeqk1kFKB_xne6_
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
786
x-amz-cf-id
zIt1sXpx3d85oR4mrjLcdQaORa6mjtbWYyGG7LevHTO-3c9ajd5V_A==
6643a81e-bloomberg-logo_103p01e000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
1 KB
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/6643a81e-bloomberg-logo_103p01e000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d19d1df12e748f61075b4d4efa3396577e7a21e924e741e060d02645997d0662

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:38:47 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
server
AmazonS3
age
215604
etag
"99e014db102e3e5c940852f80e8f73dc"
x-cache
Hit from cloudfront
x-amz-version-id
hX0ts61gNcIT4r3gqcLCICuVV2AUjEpp
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
1121
x-amz-cf-id
R5CsMSlCOiRadqi7VhfAirbf3XGwFbQNilzxZDRXEFxhZxRnMba6bg==
d2dd3b1d-penn-logo_101z00r000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
546 B
939 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/d2dd3b1d-penn-logo_101z00r000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4be783d27e91707023ecf7cdca73441e0b6ebfa00c4a446fcd9c8ea353e1886

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:38:47 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
server
AmazonS3
age
215604
etag
"f1b1f891cb4d41fbf0ec782c0e9cc6a0"
x-cache
Hit from cloudfront
x-amz-version-id
pIQ3.AwQsbViRUqOH3O_ONP.PEYpJK68
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
546
x-amz-cf-id
dF_xHdnV6KYeRF2D8Pe4Wz620vMumaqTEXQKvRkjRyFCrTjb2oYwHw==
f1a667b9-stanford-logo_1033015000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
1 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/f1a667b9-stanford-logo_1033015000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
41e6e658d7a0ac2d5920b575878e44b1a11ddd44240d73700a798515da11085b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:38:47 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
server
AmazonS3
age
215605
etag
"e663d7d8dbce3d84fee68f943786cfa6"
x-cache
Hit from cloudfront
x-amz-version-id
g57TL34oCMrdAgTw2Cnpx.H.m1zhIxwM
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
1155
x-amz-cf-id
GDOrFodgLlO6J3A9xAbkyKnJGi-dOoF8xEG3ItIG5jV5RwF79kn5eA==
a90d8afa-unilever-logo_103b019000000000000028.png
d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/start.waldo.fyi/research_lp/a90d8afa-unilever-logo_103b019000000000000028.png
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2b5ab7172c0d94a3d318c18721d373d45088b2750381f209e8cc042cbf96469

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 02:38:47 GMT
via
1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
last-modified
Fri, 10 Jun 2022 18:56:21 GMT
server
AmazonS3
age
215604
etag
"31d9f916773408968511a61a1a4fe843"
x-cache
Hit from cloudfront
x-amz-version-id
gcEGuRhHvb2gon5ocsVvB1G2GpbfDjOx
cache-control
max-age=31557600
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
image/png
content-length
1592
x-amz-cf-id
cMhIrSKpIfSvhVggfbHqn-jDg0684jYCRKBiObbS35TFML4jhdVRpg==
i
events.ub-analytics.com/
43 B
245 B
Image
General
Full URL
https://events.ub-analytics.com/i?stm=1655476331444&e=pv&url=https%3A%2F%2Fstart.waldo.fyi%2Fresearch_lp%2F%3Futm_campaign%3Dcore1exp8%26utm_medium%3Demail%26utm_source%3Dapollo&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=87eb7c25-7fe5-430a-9452-ceb34bfd246c&dtm=1655476331442&vp=1600x1200&ds=1600x2494&vid=1&sid=6db196ac-a999-4ec5-a48d-c8f5446c37bc&duid=f4dca4e7-05d7-4610-ade5-4f090431cb12&uid=ed55d2db-195b-4319-8920-126a91c11493&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNTAwM2NiZDUtYWU4Mi00NDBlLWJlZWYtMmM4OTRhMmIxYzU0IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: start.waldo.fyi
URL: https://start.waldo.fyi/research_lp/?utm_campaign=core1exp8&utm_medium=email&utm_source=apollo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.197.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-197-236.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Jun 2022 14:32:11 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
collect
www.google-analytics.com/j/
2 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1128468216&t=pageview&_s=1&dl=https%3A%2F%2Fstart.waldo.fyi%2Fresearch_lp%2F%3Futm_campaign%3Dcore1exp8%26utm_medium%3Demail%26utm_source%3Dapollo&dp=%2Fresearch_lp%2Fa%3Futm_campaign%3Dcore1exp8%26utm_medium%3Demail%26utm_source%3Dapollo&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=962583284&gjid=2125985032&cid=1000807698.1655476332&tid=UA-202760123-1&_gid=81579095.1655476332&_r=1&_slc=1&z=1810402625
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://start.waldo.fyi/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Jun 2022 14:32:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://start.waldo.fyi
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
fonts.gstatic.com/s/cabin/v24/
26 KB
26 KB
Font
General
Full URL
https://fonts.gstatic.com/s/cabin/v24/u-4i0qWljRw-PfU81xCKCpdpbgZJl6Xvqdns.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CSource+Sans+Pro:italic%7CArvo:italic%7CLato:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
832a9f68685073e8318db12a164566b0baedc599bdf72cca29f9a4c188506053
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://start.waldo.fyi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 21:16:34 GMT
x-content-type-options
nosniff
age
62137
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26244
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 17:32:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 16 Jun 2023 21:16:34 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CSource+Sans+Pro:italic%7CArvo:italic%7CLato:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://start.waldo.fyi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 19:26:32 GMT
x-content-type-options
nosniff
age
155139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 19:26:32 GMT
tDbN2oWUg0MKqSIg75Tv.woff2
fonts.gstatic.com/s/arvo/v20/
17 KB
17 KB
Font
General
Full URL
https://fonts.gstatic.com/s/arvo/v20/tDbN2oWUg0MKqSIg75Tv.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CSource+Sans+Pro:italic%7CArvo:italic%7CLato:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4f6eb6108318d28f97fb6aa700ad42c8d021f1135ef332efed037eb5cc56a60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://start.waldo.fyi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 10:06:47 GMT
x-content-type-options
nosniff
age
188724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16932
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:53:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 10:06:47 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CSource+Sans+Pro:italic%7CArvo:italic%7CLato:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://start.waldo.fyi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:07:14 GMT
x-content-type-options
nosniff
age
249897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 17:07:14 GMT
6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
fonts.gstatic.com/s/sourcesanspro/v21/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7nsDI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cabin:700,regular%7CPT+Sans:regular%7CSource+Sans+Pro:italic%7CArvo:italic%7CLato:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://start.waldo.fyi
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 20:15:42 GMT
x-content-type-options
nosniff
age
152189
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12580
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:19:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jun 2023 20:15:42 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1128468216&t=timing&_s=2&dl=https%3A%2F%2Fstart.waldo.fyi%2Fresearch_lp%2F%3Futm_campaign%3Dcore1exp8%26utm_medium%3Demail%26utm_source%3Dapollo&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1762&pdt=1&dns=211&rrt=228&srt=692&tcp=119&dit=1366&clt=1366&_gst=1336&_gbt=1477&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=1000807698.1655476332&tid=UA-202760123-1&_gid=81579095.1655476332&z=328106187
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://start.waldo.fyi/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 15:46:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
81950
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| ub string| GoogleAnalyticsObject function| ga object| eventTracker object| dataLayer object| UnbounceSnowplowNamespace function| ubSnowplow function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_tag_data object| gaplugins object| gaGlobal object| gaData

9 Cookies

Domain/Path Name / Value
start.waldo.fyi/research_lp/ Name: ubpv
Value: a%2C5003cbd5-ae82-440e-beef-2c894a2b1c54
api.waldo.fyi/ Name: utm
Value: %7B%22utm_campaign%22%3A%22core1exp8%22%2C%22utm_medium%22%3A%22email%22%2C%22utm_source%22%3A%22apollo%22%7D
.waldo.fyi/ Name: skip-questions
Value: true
.waldo.fyi/ Name: skip-questions.sig
Value: 1zSxvlNlub6EOXw0_PyVCAXTkuk
start.waldo.fyi/ Name: ubvs
Value: ed55d2db-195b-4319-8920-126a91c11493
.waldo.fyi/ Name: ubvt
Value: ed55d2db-195b-4319-8920-126a91c11493
.waldo.fyi/ Name: _ga
Value: GA1.2.1000807698.1655476332
.waldo.fyi/ Name: _gid
Value: GA1.2.81579095.1655476332
.waldo.fyi/ Name: _gat
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://www.googletagmanager.com/gtm.js?id=%20GTM-PNTWHJZ
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.waldo.fyi
builder-assets.unbounce.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
start.waldo.fyi
www.google-analytics.com
www.googletagmanager.com
13.227.173.96
143.204.89.103
2600:9000:2250:4000:1d:11cf:5800:93a1
2a00:1450:4001:811::2008
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
3.126.202.50
52.204.197.236
52.222.250.38
0a5ccbcfde82540dd50d800f4565fc2e27e9bdd271cf5526bfa445924a11cb9e
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
25003de693aabb38f4bd8c293f4d515420ee4b711763712e76add0778c4b3c6b
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
41e6e658d7a0ac2d5920b575878e44b1a11ddd44240d73700a798515da11085b
64bdfcb0abd313c0a947a3987c8c50f7e594d7282fb3c952109265eafe9593b4
7a80b17346ad96acb74876b1c792e1706cdfdb5e17ce3bc028ee6e832bdfd962
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
832a9f68685073e8318db12a164566b0baedc599bdf72cca29f9a4c188506053
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c621805198fcdf1fd712edb9671483c42459819342e947824b8d21cd49617d2
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
92ec3a9b5d9bc2a8fb8abd04f3316261acf0f3f717f05dc63bc095f91eb8b095
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a006d41dac1ed718aa40ce05a8a6fe8e3c280410078fc358c4d9c54dde09a609
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b5ab7172c0d94a3d318c18721d373d45088b2750381f209e8cc042cbf96469
a4be783d27e91707023ecf7cdca73441e0b6ebfa00c4a446fcd9c8ea353e1886
aec83331dda135def59bbdaad81a815bfb0b46e2f96c41af7886322a73c209e1
b0dc857f0259e4e969a66ab301a52d36c92258475fe98fb28a23783273b7a5de
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d19d1df12e748f61075b4d4efa3396577e7a21e924e741e060d02645997d0662
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e15876ba9db6c73c94088a22315b26d5384dc93b6db9966647c2c003e8ca1ab3
e286a9ef7d2064a4cf7026449941a557c7123aa84ef2a17cf79a38820f5474bc
eea5e230d98e10967645cd286805c194fec3a750c7ec9c3c202307f4297f5123
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f39775f1f32e83311ed940e1607da40b095fafa65d2f1929721f1aac301f6f4b
f4f6eb6108318d28f97fb6aa700ad42c8d021f1135ef332efed037eb5cc56a60
fcfd437feb73f0c7109ae8227967e93e639c8f7b740e25bc384e2b2bc01b8f13