c1.ouisys.com Open in urlscan Pro
18.159.175.214  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set x1no7 Show response c1.ouisys.com/	5 KB 3 KB	52ms 14ms	Document text/html	18.159.175.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c1.ouisys.com/x1no7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.159.175.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-175-214.eu-central-1.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash b636e9a4957df368aa9e9704f4a92ca337aa38931958694b8b62b0ecbf0ce8b0 Request headers Host c1.ouisys.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Server nginx/1.14.0 (Ubuntu) Date Mon, 19 Apr 2021 20:21:10 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive x-page-name fr-subwaysurfers-tallyman.v1-one-click Set-Cookie userId=c7c4c500a14c11ebbce8895b41869259; Max-Age=86400; Path=/; Expires=Tue, 20 Apr 2021 20:21:10 GMT; HttpOnly abTestVariant=b; Max-Age=86400; Path=/; Expires=Tue, 20 Apr 2021 20:21:10 GMT; HttpOnly Cache-Control no-transform Content-Encoding gzip
GET H2	200	main.35dd3891.css d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/css/	4 KB 2 KB	58ms 18ms	Stylesheet text/css	2600:9000:2190:6400:f:4439:7640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/css/main.35dd3891.css Requested by Host: c1.ouisys.com URL: https://c1.ouisys.com/x1no7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:6400:f:4439:7640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fa83d3ed5354a288763795c85ad7fcc660508376cb10fa5966bbd0825f1c9c22 Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 19 Apr 2021 11:44:54 GMT content-encoding gzip last-modified Fri, 02 Apr 2021 13:51:12 GMT server AmazonS3 age 30977 etag W/"1a68e287a3a4ccd79ba8bc0eaf490f06" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css; charset=utf-8 via 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront) cache-control max-age=604800 x-amz-cf-pop ZRH50-C1 x-amz-cf-id AUz8SuUm1fanKW80wetv9YtMaw1TVFR6pSTkyaAXjHUEhjVRo5sSKw==
GET H2	200	249f4e13750a181636cb5e4d238be4bd.svg d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/files/	37 KB 16 KB	57ms 17ms	Image image/svg+xml	2600:9000:2190:6400:f:4439:7640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/files/249f4e13750a181636cb5e4d238be4bd.svg Requested by Host: c1.ouisys.com URL: https://c1.ouisys.com/x1no7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:6400:f:4439:7640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b2eb1ba900e8391fa863116acca219b57479c6eafc639bedfb904437bd20363a Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 19 Apr 2021 11:44:54 GMT content-encoding gzip last-modified Fri, 02 Apr 2021 13:51:12 GMT server AmazonS3 age 30977 etag W/"249f4e13750a181636cb5e4d238be4bd" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml via 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront) cache-control max-age=604800 x-amz-cf-pop ZRH50-C1 x-amz-cf-id bh1CjAuDVpItX4cexd90bZ_daqxzIu5HsBpMAYCA_7gSWcgu7NKG6w==
GET H2	200	6c5366fb9301321067a42ffa18fa4a28.png d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/files/	53 KB 54 KB	57ms 21ms	Image image/png	2600:9000:2190:6400:f:4439:7640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/files/6c5366fb9301321067a42ffa18fa4a28.png Requested by Host: c1.ouisys.com URL: https://c1.ouisys.com/x1no7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:6400:f:4439:7640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a9462bd63f9790e0a0f98b88de61a933b8e1227587cf9dc2b0fe1fa7d5d9028e Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 19 Apr 2021 11:44:54 GMT via 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront) last-modified Fri, 02 Apr 2021 13:51:12 GMT server AmazonS3 age 30977 etag "6c5366fb9301321067a42ffa18fa4a28" x-cache Hit from cloudfront content-type image/png cache-control max-age=604800 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 54473 x-amz-cf-id ASvhEAyXSg3EarKw4ItREXFLNozpnKV-ElZAgtsGBidWy9n613PsyQ==
GET H2	200	main.82744da16fb862bcf3ce.js Show response d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/js/	424 KB 120 KB	161ms 126ms	Script application/javascript	2600:9000:2190:6400:f:4439:7640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/js/main.82744da16fb862bcf3ce.js Requested by Host: c1.ouisys.com URL: https://c1.ouisys.com/x1no7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:6400:f:4439:7640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e4e2dfb9ba63d004f2f744c549a472cbbf0f1b4f3a4aa09139d5fabd4e144de3 Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 19 Apr 2021 20:21:11 GMT content-encoding gzip last-modified Fri, 02 Apr 2021 13:51:13 GMT server AmazonS3 x-amz-cf-pop ZRH50-C1 etag W/"6e32083e3b1aec2218d8569adc0b2c91" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=utf-8 via 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront) cache-control max-age=604800 x-amz-cf-id 5AaB0D5jhZNAabkvAIRGoJMVAFORlGRoj83dTLLTX6p9nnZef2kpng==
GET H/1.1	200 OK	mstore de-pacman.sam-media.com/api/v2/	43 B 322 B	118ms 58ms	Image image/gif	18.196.181.99 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://de-pacman.sam-media.com/api/v2/mstore?r=c7c4c500a14c11ebbce8895b41869259&m=1&b=0&d[0][t]=image Requested by Host: c1.ouisys.com URL: https://c1.ouisys.com/x1no7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.196.181.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-181-99.eu-central-1.compute.amazonaws.com Software nginx/1.13.8 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 19 Apr 2021 20:21:10 GMT Cache-control private Server nginx/1.13.8 Access-Control-Allow-Headers Content-Type Transfer-Encoding chunked Content-Type image/gif
GET H2	200	gtm.js Show response www.googletagmanager.com/	231 KB 59 KB	56ms 35ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N8MFSR2 Requested by Host: c1.ouisys.com URL: https://c1.ouisys.com/x1no7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash ca3ae7483320e23b874f0362be7b397e830639c5ad754d09b57df9a956467030 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 19 Apr 2021 20:21:10 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 60088 x-xss-protection 0 last-modified Mon, 19 Apr 2021 18:56:40 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 19 Apr 2021 20:21:10 GMT
GET H2	200	145940f57da6bce22caf3722883ecba9.jpg d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/files/	82 KB 82 KB	16ms 15ms	Image image/jpeg	2600:9000:2190:6400:f:4439:7640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/files/145940f57da6bce22caf3722883ecba9.jpg Requested by Host: d2b4jmuffp1l21.cloudfront.net URL: https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/css/main.35dd3891.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:6400:f:4439:7640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7197a4add5d53c5ccfda51efa927fe90c9e4a431873167c90d025be49c71f6e1 Request headers Referer https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/css/main.35dd3891.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 19 Apr 2021 11:44:57 GMT via 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront) last-modified Fri, 02 Apr 2021 13:51:12 GMT server AmazonS3 age 30974 etag "145940f57da6bce22caf3722883ecba9" x-cache Hit from cloudfront content-type image/jpeg cache-control max-age=604800 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 83458 x-amz-cf-id bsi1hVjxf_EdGR5hyywVimIQ0rEp5-3mPiQvwEa8TptyocN71vUgvQ==
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	26ms 6ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8MFSR2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 19 Mar 2021 19:22:18 GMT server Golfe2 age 1488 date Mon, 19 Apr 2021 19:56:22 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19463 expires Mon, 19 Apr 2021 21:56:22 GMT
GET H2	200	hotjar-1339503.js Show response static.hotjar.com/c/	5 KB 2 KB	94ms 31ms	Script application/javascript	13.224.102.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-1339503.js?sv=7 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8MFSR2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.102.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-102-53.zrh50.r.cloudfront.net Software / Resource Hash 0261398830cd9a4a58ae0232da21571862cb05d5f2432e95b501d73fd4af9d3a Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 19 Apr 2021 20:20:12 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 age 58 etag W/e4e5bfb3c67a49dc2d9eff90a9e05c77 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 x-amz-cf-pop ZRH50-C1 content-length 1850 via 1.1 e92dffa8673a73c15c61e7c3abefc47d.cloudfront.net (CloudFront) x-amz-cf-id 4tQ7cOpgdRDZ3Reg9EmQZUEaRY3GgBJ07PH97fXMmSTDNi09tCG5Ag==
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 444 B	105ms 29ms	XHR text/plain	2a00:1450:400c:c0d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-136232877-29&cid=644089902.1618863671&jid=1616478736&gjid=1122383591&_gid=892726672.1618863671&_u=YGBAgEABAAAAAE~&z=971769398 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 19 Apr 2021 20:21:10 GMT content-type text/plain access-control-allow-origin https://c1.ouisys.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 194 B	6ms 6ms	Image image/gif	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j89&a=1362409860&t=pageview&_s=1&dl=https%3A%2F%2Fc1.ouisys.com%2Fx1no7&dp=fr-subwaysurfers-tallyman.v1-one-click&ul=en-us&de=UTF-8&dt=Subway%20Surfers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1616478736&gjid=1122383591&cid=644089902.1618863671&tid=UA-136232877-29&_gid=892726672.1618863671&gtm=2wg472N8MFSR2&cd1=BDMB&cd2=x1no7&z=1174912917 Requested by Host: c1.ouisys.com URL: https://c1.ouisys.com/x1no7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 19 Apr 2021 02:54:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 62819 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	modules.5e37784fe3302c2578d8.js Show response script.hotjar.com/	218 KB 58 KB	95ms 31ms	Script application/javascript	13.224.102.55 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.5e37784fe3302c2578d8.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1339503.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.102.55 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-102-55.zrh50.r.cloudfront.net Software / Resource Hash be84aa1c6e1187081162294d13f707690d8b4f77dbafd1298afe5e9118a59c8d Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 13 Apr 2021 17:31:07 GMT content-encoding br x-content-type-options nosniff age 528603 x-cache Hit from cloudfront content-length 58942 access-control-allow-origin * last-modified Tue, 13 Apr 2021 17:30:39 GMT etag "f06a24b93b2f2e5b46ec94292a2d8286" vary Accept-Encoding content-type application/javascript via 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop ZRH50-C1 accept-ranges bytes x-robots-tag none x-amz-cf-id bq7pCkt0DUEeR8eJDQmI9cd8MoU9bTIJpG97Pp5FWpSmjtzpT8KeHg==
POST H/1.1	200 OK	mstore Show response de-pacman.sam-media.com/api/v2/	0 264 B	70ms 29ms	XHR text/html	18.196.181.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://de-pacman.sam-media.com/api/v2/mstore Requested by Host: d2b4jmuffp1l21.cloudfront.net URL: https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/js/main.82744da16fb862bcf3ce.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.196.181.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-181-99.eu-central-1.compute.amazonaws.com Software nginx/1.13.8 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Mon, 19 Apr 2021 20:21:10 GMT Server nginx/1.13.8 Access-Control-Allow-Headers Content-Type Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	/ Show response de.tallymans.com/tallyman/v1/	221 B 502 B	662ms 559ms	Fetch application/json	52.58.224.59 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://de.tallymans.com/tallyman/v1/?action=redirect&country=fr&slug=fr-gamezones&device=smart&offerId=1419&rockman_id=c7c4c500a14c11ebbce8895b41869259& Requested by Host: d2b4jmuffp1l21.cloudfront.net URL: https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/js/main.82744da16fb862bcf3ce.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 52.58.224.59 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-58-224-59.eu-central-1.compute.amazonaws.com Software Apache / PHP/7.2.24-0ubuntu0.18.04.6 Resource Hash 865fa5fef0d2f020a3e902d2843246e6b3813e2a2df15229c13bad6d62f98f86 Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Mon, 19 Apr 2021 20:21:10 GMT Cache-control private Server Apache X-Powered-By PHP/7.2.24-0ubuntu0.18.04.6 Transfer-Encoding chunked Content-Type application/json
GET H2	200	box-5e3cec51ed8e99df6977c199d27812d7.html Show response vars.hotjar.com/ Frame B367	1 KB 1 KB	90ms 29ms	Document text/html	13.224.102.36 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-5e3cec51ed8e99df6977c199d27812d7.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-1339503.js?sv=7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.102.36 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-102-36.zrh50.r.cloudfront.net Software / Resource Hash 486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33 Request headers :method GET :authority vars.hotjar.com :scheme https :path /box-5e3cec51ed8e99df6977c199d27812d7.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://c1.ouisys.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Referer https://c1.ouisys.com/ Response headers content-type text/html content-length 684 date Tue, 30 Mar 2021 16:10:32 GMT accept-ranges bytes cache-control max-age=31536000 content-encoding br etag "4e332edbbc3b46800c87f197cc7d3bb6" last-modified Tue, 30 Mar 2021 14:48:51 GMT x-robots-tag none vary Accept-Encoding x-cache Hit from cloudfront via 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 x-amz-cf-id sccsNsFcvGaHs63y0YMm_u8ehgwS39yVathD1YOp_rRDVy8lRQ7FxQ== age 1743038
GET H2	200	ga-audiences www.google.com/ads/	42 B 505 B	51ms 30ms	Image image/gif	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-136232877-29&cid=644089902.1618863671&jid=1616478736&_u=YGBAgEABAAAAAE~&z=1163832700 Requested by Host: c1.ouisys.com URL: https://c1.ouisys.com/x1no7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 19 Apr 2021 20:21:10 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 505 B	50ms 29ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-136232877-29&cid=644089902.1618863671&jid=1616478736&_u=YGBAgEABAAAAAE~&z=1163832700 Requested by Host: c1.ouisys.com URL: https://c1.ouisys.com/x1no7 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 19 Apr 2021 20:21:10 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	event c1.ouisys.com/analytics/	0 159 B	16ms 15ms	Ping text/plain	18.159.175.214 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c1.ouisys.com/analytics/event Requested by Host: d2b4jmuffp1l21.cloudfront.net URL: https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/js/main.82744da16fb862bcf3ce.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.159.175.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-175-214.eu-central-1.compute.amazonaws.com Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Sec-Fetch-Mode no-cors Origin https://c1.ouisys.com Accept-Encoding gzip, deflate, br Accept-Language en-US Sec-Fetch-Dest empty Cookie userId=c7c4c500a14c11ebbce8895b41869259; abTestVariant=b; _ga=GA1.2.644089902.1618863671; _gid=GA1.2.892726672.1618863671; _dc_gtm_UA-136232877-29=1; _hjTLDTest=1; _hjid=6e1582f7-c2c7-4165-8319-82d1ab908b9c; _hjFirstSeen=1 Connection keep-alive Content-Length 305 Pragma no-cache Host c1.ouisys.com User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept */* Cache-Control no-cache Referer https://c1.ouisys.com/x1no7 Sec-Fetch-Site same-origin Referer https://c1.ouisys.com/x1no7 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Date Mon, 19 Apr 2021 20:21:11 GMT Cache-Control no-transform Server nginx/1.14.0 (Ubuntu) Connection keep-alive Content-Length 0
POST H3-29	200	collect Show response www.google-analytics.com/j/	2 B 22 B	13ms 13ms	XHR text/plain	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j89&a=1362409860&t=event&ni=0&_s=1&dl=https%3A%2F%2Fc1.ouisys.com%2Fx1no7&dp=fr-subwaysurfers-tallyman.v1-one-click&ul=en-us&de=UTF-8&dt=Subway%20Surfers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Flow&ea=advance-auto&el=redirect-success&_u=aGDAAEABAAAAAG~&jid=1761902030&gjid=61306433&cid=644089902.1618863671&tid=UA-136232877-29&_gid=892726672.1618863671&_r=1&gtm=2wg472N8MFSR2&cd1=BDMB&cd2=x1no7&z=669506824 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 19 Apr 2021 20:21:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://c1.ouisys.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	6c5366fb9301321067a42ffa18fa4a28.png d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/files/	53 KB 54 KB	26ms 26ms	Image image/png	2600:9000:2190:6400:f:4439:7640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/files/6c5366fb9301321067a42ffa18fa4a28.png Requested by Host: d2b4jmuffp1l21.cloudfront.net URL: https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/js/main.82744da16fb862bcf3ce.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2190:6400:f:4439:7640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a9462bd63f9790e0a0f98b88de61a933b8e1227587cf9dc2b0fe1fa7d5d9028e Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 19 Apr 2021 11:44:54 GMT via 1.1 d92debab8d9ca0518390aebaec8733a7.cloudfront.net (CloudFront) last-modified Fri, 02 Apr 2021 13:51:12 GMT server AmazonS3 age 30978 etag "6c5366fb9301321067a42ffa18fa4a28" x-cache Hit from cloudfront content-type image/png cache-control max-age=604800 x-amz-cf-pop ZRH50-C1 accept-ranges bytes content-length 54473 x-amz-cf-id EC03-pjZtbtbc5yAwwKKzJQpac_7rfNUDUPJbUmbE_XMV2uPvEq52g==
POST H3-29	200	collect Show response stats.g.doubleclick.net/j/	4 B 25 B	29ms 16ms	XHR text/plain	2a00:1450:400c:c0d::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-136232877-29&cid=644089902.1618863671&jid=1761902030&gjid=61306433&_gid=892726672.1618863671&_u=aGDAAEABAAAAAG~&z=1297325903 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 19 Apr 2021 20:21:11 GMT content-type text/plain access-control-allow-origin https://c1.ouisys.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	ga-audiences www.google.com/ads/	42 B 63 B	44ms 29ms	Image image/gif	2a00:1450:4001:827::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-136232877-29&cid=644089902.1618863671&jid=1761902030&_u=aGDAAEABAAAAAG~&z=1085425180 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 19 Apr 2021 20:21:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	ga-audiences www.google.de/ads/	42 B 63 B	45ms 29ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-136232877-29&cid=644089902.1618863671&jid=1761902030&_u=aGDAAEABAAAAAG~&z=1085425180 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 19 Apr 2021 20:21:11 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H/1.1	200 OK	mstore de-pacman.sam-media.com/api/v2/	0 0	34ms 33ms	Fetch text/html	18.196.181.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://de-pacman.sam-media.com/api/v2/mstore Requested by Host: c1.ouisys.com URL: https://c1.ouisys.com/x1no7 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.196.181.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-181-99.eu-central-1.compute.amazonaws.com Software nginx/1.13.8 / Resource Hash Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Mon, 19 Apr 2021 20:21:11 GMT Server nginx/1.13.8 Access-Control-Allow-Headers Content-Type Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
POST H/1.1	200 OK	mstore de-pacman.sam-media.com/api/v2/	0 263 B	36ms 35ms	Ping text/html	18.196.181.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://de-pacman.sam-media.com/api/v2/mstore Requested by Host: d2b4jmuffp1l21.cloudfront.net URL: https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/js/main.82744da16fb862bcf3ce.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 18.196.181.99 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-196-181-99.eu-central-1.compute.amazonaws.com Software nginx/1.13.8 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://c1.ouisys.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin * Date Mon, 19 Apr 2021 20:21:17 GMT Server nginx/1.13.8 Access-Control-Allow-Headers Content-Type Transfer-Encoding chunked Content-Type text/html; charset=UTF-8

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| pac_analytics object| dataLayer function| gtag object| designer_obj object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| report_ga object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| setImmediate function| clearImmediate object| regeneratorRuntime object| pacman

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ouisys.com/	1970-01-19 17:41:05	Name: _hjFirstSeen Value: 1
			.ouisys.com/	1970-01-20 02:26:39	Name: _hjid Value: 6e1582f7-c2c7-4165-8319-82d1ab908b9c
			.ouisys.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
			.ouisys.com/	1970-01-19 17:41:03	Name: _dc_gtm_UA-136232877-29 Value: 1
			.ouisys.com/	1970-01-20 11:12:15	Name: _ga Value: GA1.2.644089902.1618863671
			c1.ouisys.com/	1970-01-19 17:42:30	Name: abTestVariant Value: b
			.ouisys.com/	1970-01-19 17:42:30	Name: _gid Value: GA1.2.892726672.1618863671
			c1.ouisys.com/	1970-01-19 17:42:30	Name: userId Value: c7c4c500a14c11ebbce8895b41869259

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c1.ouisys.com/x1no7(Line 6) Message: [object Object]
console-api	info	URL: https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/js/main.82744da16fb862bcf3ce.js(Line 21) Message: No need to record an impression from client
console-api	log	URL: https://d2b4jmuffp1l21.cloudfront.net/os-ui/static/fr-subwaysurfers-tallyman.v1-one-click/js/main.82744da16fb862bcf3ce.js(Line 45) Message: apiAction redirect
console-api	log	Message: [object Response]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c1.ouisys.com
d2b4jmuffp1l21.cloudfront.net
de-pacman.sam-media.com
de.tallymans.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
13.224.102.36
13.224.102.53
13.224.102.55
18.159.175.214
18.196.181.99
2600:9000:2190:6400:f:4439:7640:93a1
2a00:1450:4001:801::2008
2a00:1450:4001:80e::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:400c:c0d::9a
52.58.224.59
0261398830cd9a4a58ae0232da21571862cb05d5f2432e95b501d73fd4af9d3a
486762d56893f9b12fdfad41c3a76f11fc745b5436e97e596a63c22ee13d2e33
7197a4add5d53c5ccfda51efa927fe90c9e4a431873167c90d025be49c71f6e1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
865fa5fef0d2f020a3e902d2843246e6b3813e2a2df15229c13bad6d62f98f86
a9462bd63f9790e0a0f98b88de61a933b8e1227587cf9dc2b0fe1fa7d5d9028e
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
b2eb1ba900e8391fa863116acca219b57479c6eafc639bedfb904437bd20363a
b636e9a4957df368aa9e9704f4a92ca337aa38931958694b8b62b0ecbf0ce8b0
be84aa1c6e1187081162294d13f707690d8b4f77dbafd1298afe5e9118a59c8d
ca3ae7483320e23b874f0362be7b397e830639c5ad754d09b57df9a956467030
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e2dfb9ba63d004f2f744c549a472cbbf0f1b4f3a4aa09139d5fabd4e144de3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
fa83d3ed5354a288763795c85ad7fcc660508376cb10fa5966bbd0825f1c9c22