urlscan.io logo urlscan.io
SecurityTrails logo

tickets.nordstern.com Open in urlscan Pro
5.148.164.236  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tickets.nordstern.com/
Effective URL: https://tickets.nordstern.com/de/
Submission: On July 05 via automatic, source certstream-suspicious — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 46 HTTP transactions. The main IP is 5.148.164.236, located in Zurich, Switzerland and belongs to NINE, CH. The main domain is tickets.nordstern.com.
TLS certificate: Issued by R11 on July 3rd 2024. Valid for: 3 months.
This is the only time tickets.nordstern.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

2    5.148.164.236 (Zurich, Switzerland)

ASN29691 (NINE, CH)
PTR: couponlb-5.nine.ch
tickets.nordstern.com
3    2a02:26f0:1700:11::b856:6785 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consent.cookiebot.com
25    5.148.164.238 (Zurich, Switzerland)

ASN29691 (NINE, CH)
PTR: couponlb-1.nine.ch
lp.cpstatic.ch
storage.cpstatic.ch
2    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a02:26f0:3500:887::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
imgsct.cookiebot.com
1    2a02:26f0:3500:886::f09 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
consentcdn.cookiebot.com
6    23.213.161.209 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-209.deploy.static.akamaitechnologies.com
analytics.tiktok.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    199.36.158.100 (United States)

ASN54113 (FASTLY, US)
www.nordstern.com
Apex Domain
Subdomains		 Transfer
25 cpstatic.ch
lp.cpstatic.ch
storage.cpstatic.ch
513 KB
6 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 787
143 KB
6 cookiebot.com
consent.cookiebot.com — Cisco Umbrella Rank: 4936
consentcdn.cookiebot.com — Cisco Umbrella Rank: 5488
imgsct.cookiebot.com — Cisco Umbrella Rank: 5824
69 KB
3 nordstern.com
tickets.nordstern.com
www.nordstern.com
7 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
4 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 204
71 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 81
183 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2355
46 8
Domain Requested by
14 storage.cpstatic.ch tickets.nordstern.com
11 lp.cpstatic.ch tickets.nordstern.com
lp.cpstatic.ch
consent.cookiebot.com
6 analytics.tiktok.com tickets.nordstern.com
analytics.tiktok.com
3 consent.cookiebot.com tickets.nordstern.com
consent.cookiebot.com
www.googletagmanager.com
2 www.facebook.com tickets.nordstern.com
2 connect.facebook.net tickets.nordstern.com
connect.facebook.net
2 consentcdn.cookiebot.com consent.cookiebot.com
2 www.googletagmanager.com tickets.nordstern.com
www.googletagmanager.com
2 tickets.nordstern.com 1 redirects
1 www.nordstern.com
1 imgsct.cookiebot.com
1 region1.google-analytics.com www.googletagmanager.com
46 12

This site contains links to these domains. Also see Links.

Domain
www.nordstern.com
www.ticketplus.ch
Subject Issuer Validity Valid
tickets.nordstern.com
R11		 2024-07-03 -
2024-10-01		 3 months crt.sh
consent.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-28 -
2025-02-27		 a year crt.sh
couponcustomer.cpstatic.ch
R3		 2024-05-22 -
2024-08-20		 3 months crt.sh
storage.cpstatic.ch
R3		 2024-05-21 -
2024-08-19		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.cookiebot.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-26 -
2025-02-26		 a year crt.sh
*.tiktok.com
RapidSSL ECC CA 2018		 2023-07-14 -
2024-08-13		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-04-13 -
2024-07-12		 3 months crt.sh
nordstern.com
WR3		 2024-06-06 -
2024-09-04		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://tickets.nordstern.com/de/
Frame ID: 2C5C51D83F056CF8AFFD43026D4C8B46
Requests: 45 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 58E1337EDB93603CF0AB8921B0243DDA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nordstern

Page URL History Show full URLs

  1. https://tickets.nordstern.com/ HTTP 302
    https://tickets.nordstern.com/de/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <a[^>]*href=[^>]*/Cart
Overall confidence: 100%
Detected patterns
  • consent\.cookiebot\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

46
Requests

100 %
HTTPS

64 %
IPv6

8
Domains

12
Subdomains

11
IPs

3
Countries

989 kB
Transfer

3152 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tickets.nordstern.com/ HTTP 302
    https://tickets.nordstern.com/de/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tickets.nordstern.com/de/
Redirect Chain
  • https://tickets.nordstern.com/
  • https://tickets.nordstern.com/de/
21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.236 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-5.nine.ch
Software
nginx /
Resource Hash
4c0335004b17fa71dd4ac910f6b5fef6083dacecdb2191ac3133d6ded34e68c6
Security Headers
Name Value
X-Frame-Options deny

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
0
content-encoding
gzip
content-length
5301
content-type
text/html; charset=utf-8
date
Fri, 05 Jul 2024 05:26:24 GMT
server
nginx
vary
Accept-Encoding, X-Forwarded-Proto
via
1.1 varnish (Varnish/6.6)
x-frame-options
deny
x-varnish
143605178
x-varnish-cache
MISS

Redirect headers

age
0
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 05 Jul 2024 05:26:23 GMT
location
/de/
server
nginx
vary
X-Forwarded-Proto
via
1.1 varnish (Varnish/6.6)
x-varnish
151867727
x-varnish-cache
MISS
uc.js
consent.cookiebot.com/ 		109 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:6785 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ea833e2735a61a60b815b434da037b82495d0e3c5436340ae79247af6d25488b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2024 09:23:46 GMT
etag
"83a342b673c8da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=173
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
34250
expires
Fri, 05 Jul 2024 05:29:17 GMT
main_top.css
lp.cpstatic.ch/static/web/eventdefault/7e73b2367fab5b124555f256a1350511-94266d6aa9de1a844884882b5871fd42/css/ 		272 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lp.cpstatic.ch/static/web/eventdefault/7e73b2367fab5b124555f256a1350511-94266d6aa9de1a844884882b5871fd42/css/main_top.css?c0d6bd543cc8d8ba8733b570a7790d3f19299a3a
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
8078bb694ae116fea7f546bd38a9ae25fef3944780c46a0a9f8bf2c65d07fef8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.6)
age
37566
content-length
50489
pragma
public
last-modified
Wed, 22 May 2024 19:33:12 GMT
server
nginx
vary
Accept-Encoding, X-Forwarded-Proto
content-type
text/css;charset=utf-8
access-control-allow-origin
*
x-varnish
152742091 125962994
cache-control
public, max-age=15552000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 19:00:17 GMT
main_top.js
lp.cpstatic.ch/static/web/default/js/ 		116 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cpstatic.ch/static/web/default/js/main_top.js?c0d6bd543cc8d8ba8733b570a7790d3f19299a3a
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
9251ca18e76b98ae6b79f9d625d90056f9e49530a5232d50df1dd70e1c5c7119

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.6)
age
37593
content-length
41398
pragma
public
last-modified
Wed, 05 Oct 2022 12:31:25 GMT
server
nginx
vary
Accept-Encoding, X-Forwarded-Proto
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
x-varnish
152057373 125634638
cache-control
public, max-age=15552000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 18:59:50 GMT
fe8a590ad354d4b63e6076097ec258ed-e8164814--630811.webp
storage.cpstatic.ch/storage/landingpage_logo/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.cpstatic.ch/storage/landingpage_logo/fe8a590ad354d4b63e6076097ec258ed-e8164814--630811.webp
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
9832661ebeded78e51f43e887de4e2a5d657b9afd3757470ab086fdf34dd487f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
server
nginx
age
320238
etag
fb6d9a0316a1e1474a562d03e07b7f78
vary
X-Forwarded-Proto
content-type
image/webp
x-varnish
143605185 2097247
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
2438
expires
Sat, 28 Dec 2024 12:29:05 GMT
981093db3526a58c8f17545de5839d9f-af8a535e--967740.webp
storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/981093db3526a58c8f17545de5839d9f-af8a535e--967740.webp
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
e465b1aa454a0105da61a2e27a592d528e2c708e7fb63688cad89b002f9a7cfc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
server
nginx
age
320220
etag
66e12d68f0210b5fc702f2d8688a666d
vary
X-Forwarded-Proto
content-type
image/webp
x-varnish
151488855 3899557
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
15704
expires
Sat, 28 Dec 2024 12:29:24 GMT
32e02b5d25c0f311742ce5cc9b8f5b46-3e75babc--971309.webp
storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/32e02b5d25c0f311742ce5cc9b8f5b46-3e75babc--971309.webp
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
ec2624e81268de72e1f0221496a640fe1360d3eff7326e6a970278a173ee1a66

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
server
nginx
age
320220
etag
fd606e4f66603eda11d260b3a77cc196
vary
X-Forwarded-Proto
content-type
image/webp
x-varnish
150107270 1933502
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
14688
expires
Sat, 28 Dec 2024 12:29:24 GMT
5fca2b5ea7fff12be4a592d3bd2645c7-f7157182--972620.webp
storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/5fca2b5ea7fff12be4a592d3bd2645c7-f7157182--972620.webp
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
5d6ebaddd3c238cebe0e7d1339f8e4363ebefc77526284cec504601747833581

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
server
nginx
age
320219
etag
48c5c5d49e986f363ec076f40cc9776a
vary
X-Forwarded-Proto
content-type
image/webp
x-varnish
149923891 721176
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
17670
expires
Sat, 28 Dec 2024 12:29:24 GMT
96539ad2f91aa6be6c2ebc8c51140280-770f6178--984212.webp
storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/96539ad2f91aa6be6c2ebc8c51140280-770f6178--984212.webp
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
612296a45af5f7edd5dfaabd6419fee1465f5b4d62487acb82a6f4d33f94f6ce

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
server
nginx
age
226042
etag
e403f7de5dc2bbbb73c495f7ede65f51
vary
X-Forwarded-Proto
content-type
image/webp
x-varnish
151867734 30164877
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
16046
expires
Sun, 29 Dec 2024 14:39:01 GMT
220b822216958f118b8c26c63d2484ef-a77ee386--979930.webp
storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/220b822216958f118b8c26c63d2484ef-a77ee386--979930.webp
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
7e2fcdda5b8aa6f196ccdeeb44f8ae9d9260de2e7c50e36935320925419d00db

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
server
nginx
age
220385
etag
5b071458f315ae7ec534163e6010d0f9
vary
X-Forwarded-Proto
content-type
image/webp
x-varnish
152057375 37650693
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
15108
expires
Sun, 29 Dec 2024 16:13:18 GMT
8977af2e5370f145aa9483840bcb9f7a-54441312--948493.webp
storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/8977af2e5370f145aa9483840bcb9f7a-54441312--948493.webp
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
16efb6be6a1bfbb7df3c9fbe24b3c1e5005311322ea627d151d5d60edd4d6124

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
server
nginx
age
320219
etag
64fd14ad4b963d7dbec7180400361bc1
vary
X-Forwarded-Proto
content-type
image/webp
x-varnish
145175242 2294076
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
22348
expires
Sat, 28 Dec 2024 12:29:24 GMT
e3612282d948900a14dd115e8b12b536-881b545b--972008.webp
storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/e3612282d948900a14dd115e8b12b536-881b545b--972008.webp
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
a732a558a98552603d764646d9f80caa1ccf3db5ece884b53b4297ba2ecee302

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
server
nginx
age
320219
etag
3ebc1e38f6ce6c4f238923b3066c6631
vary
X-Forwarded-Proto
content-type
image/webp
x-varnish
151867736 3408084
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
9300
expires
Sat, 28 Dec 2024 12:29:24 GMT
55f340c157e62f5849317be0c6ac3c40-4b5aaa17--977324.webp
storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/55f340c157e62f5849317be0c6ac3c40-4b5aaa17--977324.webp
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
a08c68763870541837bf99ac2ac91690289239f05771b227a32c1c376c18cdc8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
server
nginx
age
320219
etag
82fc09636c35012c5eed9724618ab3ab
vary
X-Forwarded-Proto
content-type
image/webp
x-varnish
150107275 3637568
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
20706
expires
Sat, 28 Dec 2024 12:29:24 GMT
9020374a502644356c46fdea5f256374-caa21d4a--986324.webp
storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/9020374a502644356c46fdea5f256374-caa21d4a--986324.webp
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
c8b3c211a03c0d74012ec99cf58237fdfa7a115abdf4bb5e715db06bffbaf26c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
server
nginx
age
320219
etag
7ab1343d141d46e707b813f4292da63f
vary
X-Forwarded-Proto
content-type
image/webp
x-varnish
151488857 3408089
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
14320
expires
Sat, 28 Dec 2024 12:29:25 GMT
1556fee5c51188d1712b4510f17455ba-0a851dd0--988989.webp
storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/1556fee5c51188d1712b4510f17455ba-0a851dd0--988989.webp
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
95cf5dc840f68e7a859f520d29033e2291c3e6d0a3a6f14badda358e23e4e8e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
server
nginx
age
149048
etag
861f5558679c2fcfefecae58febf3f60
vary
X-Forwarded-Proto
content-type
image/webp
x-varnish
151776572 57575580
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
18120
expires
Mon, 30 Dec 2024 12:02:16 GMT
66b5464d9d6b2b89b60f99210871a6b4-545887de--988266.webp
storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/66b5464d9d6b2b89b60f99210871a6b4-545887de--988266.webp
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
08891e61c925793fcc8fe8a14be775132dbef41d3e6b9e154280b7437e7434a2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
server
nginx
age
140033
etag
b64aeda96e3c4630b103c40f594d6bee
vary
X-Forwarded-Proto
content-type
image/webp
x-varnish
148600797 59288113
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
18756
expires
Mon, 30 Dec 2024 14:32:30 GMT
245e6806fa0831a1a6b20a58fe31ee70-fb7cd14f--960146.webp
storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/245e6806fa0831a1a6b20a58fe31ee70-fb7cd14f--960146.webp
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
66ecbfc18b31b4c8c4673903cfe40563043360526dc76f34ede6bbf93ff6207c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
server
nginx
age
320219
etag
7d39406d02fd76c4727bb9018343aaa2
vary
X-Forwarded-Proto
content-type
image/webp
x-varnish
145476038 229435
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
29194
expires
Sat, 28 Dec 2024 12:29:25 GMT
c2804c53cf517357add7aa268b345f41-e7cfcba4--986210.webp
storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.cpstatic.ch/storage/teaser_small_eventdefaultx2/c2804c53cf517357add7aa268b345f41-e7cfcba4--986210.webp
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
b3c9bfdae76dfd40d342bf8fb9920d9b0354657ed1df45ef13fad4541f776c0e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
server
nginx
age
320219
etag
ac20ca4e072f554cfc7628ea82a3bc77
vary
X-Forwarded-Proto
content-type
image/webp
x-varnish
151366439 3637573
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
9390
expires
Sat, 28 Dec 2024 12:29:25 GMT
card_mastercard.svg
lp.cpstatic.ch/static/web/default/img/payment-logos/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cpstatic.ch/static/web/default/img/payment-logos/card_mastercard.svg
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
f8a9c40a5a1ebd74631e623811fe52ac00d743f1c0b6aab1501b3044dd72cc85

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.6)
age
320338
content-length
1823
pragma
public
last-modified
Mon, 16 Mar 2020 23:46:18 GMT
server
nginx
vary
Accept-Encoding, X-Forwarded-Proto
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
151488859 1966125
cache-control
public, max-age=15552000
accept-ranges
bytes
expires
Sat, 28 Dec 2024 12:27:25 GMT
card_visa.svg
lp.cpstatic.ch/static/web/default/img/payment-logos/ 		854 B
853 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cpstatic.ch/static/web/default/img/payment-logos/card_visa.svg
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
1ca2f6ba3dd074d9b9999eb4a4b4b690fe266d1e7b6bec9e6b2b92b0d54e3ded

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.6)
age
320338
content-length
516
pragma
public
last-modified
Mon, 18 Oct 2021 17:19:04 GMT
server
nginx
vary
Accept-Encoding, X-Forwarded-Proto
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
152057377 2490389
cache-control
public, max-age=15552000
accept-ranges
bytes
expires
Sat, 28 Dec 2024 12:27:25 GMT
card_paypal.svg
lp.cpstatic.ch/static/web/default/img/payment-logos/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cpstatic.ch/static/web/default/img/payment-logos/card_paypal.svg
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
6193ba0ffd08d44c09d8ac0ca0b1ef1bb93c16c9f460ccfbeaabeaa2d7dfc3a4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.6)
age
320238
content-length
2766
pragma
public
last-modified
Tue, 17 Mar 2020 18:09:52 GMT
server
nginx
vary
Accept-Encoding, X-Forwarded-Proto
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
148600799 721056
cache-control
public, max-age=15552000
accept-ranges
bytes
expires
Sat, 28 Dec 2024 12:29:05 GMT
card_twint.svg
lp.cpstatic.ch/static/web/default/img/payment-logos/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lp.cpstatic.ch/static/web/default/img/payment-logos/card_twint.svg
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
43e74149623bbe387389bb5175b14ecaf62d8be2d3259663c9d2b1bf8f56a934

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.6)
age
320338
content-length
1482
pragma
public
last-modified
Mon, 16 Mar 2020 23:46:18 GMT
server
nginx
vary
Accept-Encoding, X-Forwarded-Proto
content-type
image/svg+xml
access-control-allow-origin
*
x-varnish
149923893 2064428
cache-control
public, max-age=15552000
accept-ranges
bytes
expires
Sat, 28 Dec 2024 12:27:25 GMT
main_bottom.js
lp.cpstatic.ch/static/web/default/js/ 		373 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cpstatic.ch/static/web/default/js/main_bottom.js?c0d6bd543cc8d8ba8733b570a7790d3f19299a3a
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
6f732663011cd978b2209e45930c35707cb9e44b6509203105fea9ffabdcd521

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.6)
age
37593
content-length
99865
pragma
public
last-modified
Sat, 23 Mar 2024 11:53:08 GMT
server
nginx
vary
Accept-Encoding, X-Forwarded-Proto
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
x-varnish
151776570 125701362
cache-control
public, max-age=15552000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 18:59:51 GMT
gtm.js
www.googletagmanager.com/ 		236 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5SSX2LB
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec80ac865459d705425723f72ed7b21f075fc718149f3fc3bc52adb409120fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81758
x-xss-protection
0
last-modified
Fri, 05 Jul 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 05 Jul 2024 05:26:24 GMT
configuration.js
consentcdn.cookiebot.com/consentconfig/57c12374-ddcd-4efd-9047-422e1e2e6384/tickets.nordstern.com/ 		383 B
728 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/consentconfig/57c12374-ddcd-4efd-9047-422e1e2e6384/tickets.nordstern.com/configuration.js
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e85cd4eb2a89e96b96b7420090ef8496240f4cade6a96fbc9571532b02dd1786

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 05:26:24 GMT
last-modified
Wed, 26 Jun 2024 23:12:24 GMT
server
AkamaiNetStorage
etag
"d1a1d477c43c38ea176fdb1281d002a4:1719443544.279359"
content-type
application/x-javascript
cache-control
max-age=78979
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1720157184280_388276619_1585868374_17_564_26_59_146";dur=1
accept-ranges
bytes
content-length
383
expires
Sat, 06 Jul 2024 03:22:43 GMT
cc.js
consent.cookiebot.com/57c12374-ddcd-4efd-9047-422e1e2e6384/ 		39 B
419 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/57c12374-ddcd-4efd-9047-422e1e2e6384/cc.js?renew=false&referer=tickets.nordstern.com&dnt=false&init=false&culture=de
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:6785 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ef3e4c97b638953a584c78a656f64b6da23c9a30587a9ae0f3afb3a0dbdaa038

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
last-modified
Fri, 05 Jul 2024 05:26:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
Request-Context
cache-control
private, max-age=1200
cross-origin-resource-policy
cross-origin
content-length
156
request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
glyphicons-halflings-regular.woff2
lp.cpstatic.ch/static/web/eventdefault/7e73b2367fab5b124555f256a1350511-94266d6aa9de1a844884882b5871fd42/css/fonts/glyphicons/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lp.cpstatic.ch/static/web/eventdefault/7e73b2367fab5b124555f256a1350511-94266d6aa9de1a844884882b5871fd42/css/fonts/glyphicons/glyphicons-halflings-regular.woff2
Requested by
Host: lp.cpstatic.ch
URL: https://lp.cpstatic.ch/static/web/eventdefault/7e73b2367fab5b124555f256a1350511-94266d6aa9de1a844884882b5871fd42/css/main_top.css?c0d6bd543cc8d8ba8733b570a7790d3f19299a3a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lp.cpstatic.ch/static/web/eventdefault/7e73b2367fab5b124555f256a1350511-94266d6aa9de1a844884882b5871fd42/css/main_top.css?c0d6bd543cc8d8ba8733b570a7790d3f19299a3a
Origin
https://tickets.nordstern.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
last-modified
Fri, 15 Mar 2019 15:48:08 GMT
server
nginx
age
139129
vary
X-Forwarded-Proto
content-type
application/font-woff2
access-control-allow-origin
*
x-varnish
151867738 57193352
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
18028
expires
Mon, 30 Dec 2024 14:47:35 GMT
fontawesome-webfont.woff2
lp.cpstatic.ch/static/web/eventdefault/7e73b2367fab5b124555f256a1350511-94266d6aa9de1a844884882b5871fd42/css/fonts/font-awesome-4.7.0/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lp.cpstatic.ch/static/web/eventdefault/7e73b2367fab5b124555f256a1350511-94266d6aa9de1a844884882b5871fd42/css/fonts/font-awesome-4.7.0/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: lp.cpstatic.ch
URL: https://lp.cpstatic.ch/static/web/eventdefault/7e73b2367fab5b124555f256a1350511-94266d6aa9de1a844884882b5871fd42/css/main_top.css?c0d6bd543cc8d8ba8733b570a7790d3f19299a3a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://lp.cpstatic.ch/static/web/eventdefault/7e73b2367fab5b124555f256a1350511-94266d6aa9de1a844884882b5871fd42/css/main_top.css?c0d6bd543cc8d8ba8733b570a7790d3f19299a3a
Origin
https://tickets.nordstern.com
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
pragma
public
date
Fri, 05 Jul 2024 05:26:24 GMT
via
1.1 varnish (Varnish/6.6)
last-modified
Wed, 19 Jun 2024 19:20:51 GMT
server
nginx
age
139129
vary
X-Forwarded-Proto
content-type
application/font-woff2
access-control-allow-origin
*
x-varnish
151488861 58822010
cache-control
public, max-age=15552000
accept-ranges
bytes
content-length
77160
expires
Mon, 30 Dec 2024 14:47:35 GMT
bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 58E1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:886::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash

Request headers

Accept-Language
de-CH,de;q=0.9;q=0.9
Referer
https://tickets.nordstern.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
cache-control
max-age=29852610
content-encoding
gzip
content-length
392
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 05 Jul 2024 05:26:24 GMT
etag
"3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires
Sun, 15 Jun 2025 17:49:54 GMT
last-modified
Mon, 04 Apr 2022 07:23:49 GMT
server
AkamaiNetStorage
server-timing
cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1720157184376_388276618_2227828089_19_853_27_44_255";dur=1
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,1
uc.js
consent.cookiebot.com/ 		109 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.cookiebot.com/uc.js?cbid=57c12374-ddcd-4efd-9047-422e1e2e6384&implementation=gtm&consentmode-dataredaction=dynamic
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SSX2LB
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:11::b856:6785 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
ea833e2735a61a60b815b434da037b82495d0e3c5436340ae79247af6d25488b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

request-context
appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef
date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
last-modified
Thu, 27 Jun 2024 09:23:46 GMT
etag
"83a342b673c8da1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-expose-headers
Request-Context
cache-control
public, max-age=173
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
34250
expires
Fri, 05 Jul 2024 05:29:17 GMT
js
www.googletagmanager.com/gtag/ 		310 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-QX2PLXCKM1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5SSX2LB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
99fcd8b506905634a2f90f83b794dca14fb0f77f230c0f7d4026cf8eae74b81a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104798
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 05 Jul 2024 05:26:24 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLS38MBC77UDM51DNMM0&lib=ttq
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-209.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e12bf6bb21175c0239aea53dcf99c90c953829c16dff6b69b9832d5c1e7c8628

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
e99317cb.19326c00
date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240705052624D93CFA36CD16A29F26C0-6A89CA7958C0DC6E-00
x-cache
TCP_MISS from a23-213-160-209.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
93,23.213.160.209
server-timing
cdn-cache; desc=MISS, edge; dur=87, origin; dur=7, inner; dur=2
content-length
1538
pragma
no-cache
server
nginx
x-tt-logid
20240705052624D93CFA36CD16A29F26C0
x-cache-remote
TCP_MISS from a23-48-200-7.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
7,23.48.200.7
x-tt-trace-host
0177b99303544bb0cbf3175a3b44f96845bb7049e2ed431344d6e151d01fe58e4a8e27c10a8c0e52f138544f922b572af073b786239ab412cd06f51dd5b3f3dcb9f382d1f90ecf3189503a7f8cd9292cb89dbb4045af74c05a1ad0f57cf0c9cd442da5d9d67e19ef908bb155087afd6041
expires
Fri, 05 Jul 2024 05:26:24 GMT
fbevents.js
connect.facebook.net/en_US/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 05 Jul 2024 05:26:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58293
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=12, mss=1320, tbw=2784, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
l8rC/TCSbfr1lQ+eYYbYaKSByE/5nZWVlYUMObMi0JUHVoAwLFHh5qAC56f90381+jsEIREHZMaWykyZdkznkA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-QX2PLXCKM1&gtm=45je4730v9104424071z89106078926za200zb9106078926&_p=1720157184060&gcs=G111&gcd=13r3r3r3r5&npa=0&dma=0&tag_exp=0&gdid=dMWZhNz&cid=1673827721.1720157185&ul=de-ch&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1720157184&sct=1&seg=0&dl=https%3A%2F%2Ftickets.nordstern.com%2Fde%2F&dt=Nordstern&en=pageview&_fv=1&_nsi=1&_ss=1&tfd=891&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QX2PLXCKM1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Fri, 05 Jul 2024 05:26:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tickets.nordstern.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
197258160960013
connect.facebook.net/signals/config/ 		58 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/197258160960013?v=2.9.160&r=stable&domain=tickets.nordstern.com&hme=733c3732ec767f7a62e7787aff967e6d19b1e13e533937876f2e15efe07bf678&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C175%2C171%2C172%2C174%2C28%2C94%2C50%2C73%2C173%2C155%2C158%2C168%2C169%2C176%2C122%2C39%2C33%2C134%2C14%2C48%2C181%2C180%2C124%2C17%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
586719ccff0c035069b047d914eeaa8d16383b909295a4b1f6ccd1a2d08a89c2
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 05 Jul 2024 05:26:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=63, mss=1320, tbw=63830, tp=-1, tpl=-1, uplat=60, ullat=0
pragma
public
x-fb-debug
BZxif+byD+qNBOscg8f9QHVRwh84B0n+O/4vNvASjpj2vqdVEBYDdw/qs+uFDw0nMTQcKbDWQIKSIQfgWRjikQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
main.MWU2NDEzYzJiMA.js
analytics.tiktok.com/i18n/pixel/static/ 		339 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLS38MBC77UDM51DNMM0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-209.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8878a6113d3767fcb0f7c88fdc432c839a4e4e6fe97dec5e24b0d5eb32addd88

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
19326d91
date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202407021144256F1799BCFBB1924158D2
x-tt-trace-id
00-2407021144256F1799BCFBB1924158D2-2A68EE747F66BE05-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-213-160-209.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0155149eb8bb872112bf4f9a3ee60e1190a5899c6a3ddd6a843d4f3fad847f450edbea98a5ddd1346d930bacf808aee2b727ccf5a136632833a999f4c511f68fdaf9f9e37e42efab140fb07e64dfea15fecc9811408c45c0aa9a26e769b8d9c873
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
content-length
98473
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=197258160960013&ev=PageView&dl=https%3A%2F%2Ftickets.nordstern.com%2Fde%2F&rl=&if=false&ts=1720157184746&sw=1600&sh=1200&v=2.9.160&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1720157184745.159070712747339174&ler=empty&cdl=API_unavailable&it=1720157184642&coo=false&exp=f0&rqm=GET
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1320, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 05 Jul 2024 05:26:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=197258160960013&ev=PageView&dl=https%3A%2F%2Ftickets.nordstern.com%2Fde%2F&rl=&if=false&ts=1720157184746&sw=1600&sh=1200&v=2.9.160&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1720157184745.159070712747339174&ler=empty&cdl=API_unavailable&it=1720157184642&coo=false&exp=f0&rqm=FGET
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x5ced33103e727ce0","source_keys":["1","2"]},{"key_piece":"0x847ddb5e3ff3a86e","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Fri, 05 Jul 2024 05:26:25 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7388018849943050554", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1320, tbw=3108, tp=-1, tpl=-1, uplat=193, ullat=0
pragma
no-cache
x-fb-debug
1bVl80AEB8+OFhSAakzbhxKjv0x+m7k9Df8tKdVxYHcN9C3SlyRT7odZIYSNwNcbf0POuEKCjxcYVn5m+jfHeA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7388018849943050554"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
identify_ce1d8843.js
analytics.tiktok.com/i18n/pixel/static/ 		146 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/static/identify_ce1d8843.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-209.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
19326ef9
date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
server
nginx
x-tt-logid
202405211400009F19F3F262ADB0F2F94C
x-tt-trace-id
00-2405211400009F19F3F262ADB0F2F94C-4777DC948454243B-00
vary
Accept-Encoding
x-cache
TCP_MEM_HIT from a23-213-160-209.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-tt-trace-host
0164d4df9127cd0260f8a4d34aa07b9aa9f371a909ebd4d6ca565c8a7d59062b9761b58c53aeab233271348eb425c6f751b243a09cac72fa7be95a444412353403240d0302b3219e337457d9570807f6b4cbc7dfa2f3740b0370a3b91e10e7b7f6
server-timing
cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length
39700
pixel
analytics.tiktok.com/api/v2/ 		0
847 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-209.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
a8755b1b.19326efa
date
Fri, 05 Jul 2024 05:26:25 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240705052624B8C8D15704729DB8C10A-1C40288287DBC333-00
x-cache
TCP_MISS from a23-213-160-209.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
237,23.213.160.209
server-timing
cdn-cache; desc=MISS, edge; dur=96, origin; dur=148, inner; dur=146
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240705052624B8C8D15704729DB8C10A
x-cache-remote
TCP_MISS from a23-218-222-68.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
148,23.218.222.68
x-tt-trace-host
0177b99303544bb0cbf3175a3b44f96845bb7049e2ed431344d6e151d01fe58e4a1dfad7b0d4aa09066df155bf8382080e4213026f9dcdba1e736faf8c89eb0b1ac1fa10528e47d03545f4a2ab3f622ba7bd14826347be8e0e90b2a5f2b1229013c3f7606713c7bf7209fd779a38ea64ab
access-control-allow-headers
Authorization,*
expires
Fri, 05 Jul 2024 05:26:25 GMT
act
analytics.tiktok.com/api/v2/pixel/ 		0
848 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel/act
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWU2NDEzYzJiMA.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-209.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
14acc0bc.19327175
date
Fri, 05 Jul 2024 05:26:25 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240705052625CCD85666D7B46CB97B6B-3786C56F3CFE2A50-00
x-cache
TCP_MISS from a23-213-160-209.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
130,23.213.160.209
server-timing
cdn-cache; desc=MISS, edge; dur=135, origin; dur=19, inner; dur=15
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20240705052625CCD85666D7B46CB97B6B
x-cache-remote
TCP_MISS from a23-218-222-71.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
19,23.218.222.71
x-tt-trace-host
0177b99303544bb0cbf3175a3b44f96845bb7049e2ed431344d6e151d01fe58e4ab0cbfcc0a3903eb60bf3eb4e8bc1976beeebf55c1b25d9ade9da95544b67074a9ec5605e6ed9823cbd19afc65e9f277b74e7d5fd4d2a15a72aa98b0c0f35189cb8537758ee5a8782a211605c3c7cb1c4
access-control-allow-headers
Authorization,*
expires
Fri, 05 Jul 2024 05:26:25 GMT
main_top.js
lp.cpstatic.ch/static/web/default/js/ 		116 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cpstatic.ch/static/web/default/js/main_top.js?c0d6bd543cc8d8ba8733b570a7790d3f19299a3a
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
9251ca18e76b98ae6b79f9d625d90056f9e49530a5232d50df1dd70e1c5c7119

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.6)
age
37593
content-length
41398
pragma
public
last-modified
Wed, 05 Oct 2022 12:31:25 GMT
server
nginx
vary
Accept-Encoding, X-Forwarded-Proto
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
x-varnish
152057373 125634638
cache-control
public, max-age=15552000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 18:59:50 GMT
1.gif
imgsct.cookiebot.com/ 		35 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imgsct.cookiebot.com/1.gif?dgi=57c12374-ddcd-4efd-9047-422e1e2e6384
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:887::f09 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Jul 2024 05:26:25 GMT
x-guploader-uploadid
ACJd0NrmcE5Kcmt3rUUZxwHyDpjFoXM5c2IwadtZaoQLLtehy97Xa20dU_f0BDXVrj5JF9QlP0Fe3nzbiw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
35
last-modified
Mon, 23 Oct 2023 11:39:32 GMT
server
UploadServer
etag
"c2196de8ba412c60c22ab491af7b1409"
x-goog-generation
1698061172769999
x-goog-hash
crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public,max-age=1800
x-goog-stored-content-length
35
accept-ranges
bytes
content-type
image/gif
favicon.ico
www.nordstern.com/ 		15 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.nordstern.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.36.158.100 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cee057e03ccc48219f397c9be076aec685c5f2d5d495bc9a464fe086aae32d2a
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-mxp6958-MXP
strict-transport-security
max-age=31556926
content-encoding
br
date
Fri, 05 Jul 2024 05:26:25 GMT
last-modified
Wed, 03 Jul 2024 09:13:38 GMT
x-timer
S1720157185.117482,VS0,VE1
etag
"3cd7b9064cd533269a24f2db528a5df371160346fc1a10de6f16b4cce0584cab-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
image/x-icon
cache-control
max-age=3600
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
916
x-cache-hits
0
main_bottom.js
lp.cpstatic.ch/static/web/default/js/ 		373 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://lp.cpstatic.ch/static/web/default/js/main_bottom.js?c0d6bd543cc8d8ba8733b570a7790d3f19299a3a
Requested by
Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.148.164.238 Zurich, Switzerland, ASN29691 (NINE, CH),
Reverse DNS
couponlb-1.nine.ch
Software
nginx /
Resource Hash
6f732663011cd978b2209e45930c35707cb9e44b6509203105fea9ffabdcd521

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-varnish-cache
HIT
date
Fri, 05 Jul 2024 05:26:24 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.6)
age
37593
content-length
99865
pragma
public
last-modified
Sat, 23 Mar 2024 11:53:08 GMT
server
nginx
vary
Accept-Encoding, X-Forwarded-Proto
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
x-varnish
151776570 125701362
cache-control
public, max-age=15552000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 18:59:51 GMT
events.js
analytics.tiktok.com/i18n/pixel/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CLS38MBC77UDM51DNMM0&lib=ttq
Requested by
Host: tickets.nordstern.com
URL: https://tickets.nordstern.com/de/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-213-161-209.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3a1f996dbd3ef17c692aff5a11f0947ec16a502cf8f1d6d4fe9d018360d2d295

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tickets.nordstern.com/
Accept-Language
de-CH,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-akamai-request-id
ab4027c2.19327247
date
Fri, 05 Jul 2024 05:26:25 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-tt-trace-id
00-240705052625B801BB5A3CE1E45908F1-6681BCE24E0516E1-00
x-cache
TCP_MISS from a23-213-160-209.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
x-parent-response-time
106,23.213.160.209
server-timing
cdn-cache; desc=MISS, edge; dur=107, origin; dur=8, inner; dur=4
content-length
1539
pragma
no-cache
server
nginx
x-tt-logid
20240705052625B801BB5A3CE1E45908F1
x-cache-remote
TCP_MISS from a23-48-100-103.deploy.akamaitechnologies.com (AkamaiGHost/11.5.3-56943929) (-)
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
8,23.48.100.103
x-tt-trace-host
0177b99303544bb0cbf3175a3b44f96845bb7049e2ed431344d6e151d01fe58e4a3fc9a909f5e4d34b4b7b43444762c895658d969f2172f0a6fd6414b49755636fc3c8b39b69129ab6597aa535186ec2ed89803dede62fc7180649c55031f6834def1aff9b577e0486d855dd171766a2a9
expires
Fri, 05 Jul 2024 05:26:25 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 undefined| event object| fence object| sharedStorage object| dataLayer object| CookieControl function| __uspapi function| addUspapiLocatorFrame function| __handleUspapiMessage function| propagateIABStub object| Cookiebot object| CookieConsent object| google_tag_manager object| google_tag_data string| TiktokAnalyticsObject object| ttq function| fbq function| _fbq function| onYouTubeIframeAPIReady object| gaGlobal object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge function| TiktokJelly object| _jelly_sdks object| Modernizr function| yepnope function| $ function| jQuery object| upox number| CB_jQueryHoldReadyStarted function| getFBLoginUrl object| formChanges object| ignoreInputs boolean| ignoreChanges function| reloadFormOnChange function| deleteEntryConfirmWindow function| moment function| Cookies object| bootbox object| jQuery112307905002759704145 object| NProgress function| resetCart function| handleRelatedItems number| CB_OnTagsExecuted_Processed object| $countdown function| addEventListenerBase

10 Cookies

Domain/Path Name / Value
.tickets.nordstern.com/ Name: lbid
Value: fa9a710f6168f59d359e54b2b9111659
.tickets.nordstern.com/ Name: shop_cookie_test
Value: 1
.tickets.nordstern.com/ Name: language
Value: de-ch
tickets.nordstern.com/ Name: CookieConsent
Value: {stamp:%27-1%27%2Cnecessary:true%2Cpreferences:true%2Cstatistics:true%2Cmarketing:true%2Cmethod:%27implied%27%2Cver:1%2Cutc:1720157184319%2Cregion:%27CH%27}
.nordstern.com/ Name: _ga_QX2PLXCKM1
Value: GS1.1.1720157184.1.0.1720157184.0.0.0
.nordstern.com/ Name: _ga
Value: GA1.1.1673827721.1720157185
.tiktok.com/ Name: _ttp
Value: 2ioW09KiA0ruBw2bW7RFLQMnoPc
.nordstern.com/ Name: _fbp
Value: fb.1.1720157184745.159070712747339174
.nordstern.com/ Name: _tt_enable_cookie
Value: 1
.nordstern.com/ Name: _ttp
Value: uKJbymyn0RhXju_Tt4_IuvJD2c9

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
connect.facebook.net
consent.cookiebot.com
consentcdn.cookiebot.com
imgsct.cookiebot.com
lp.cpstatic.ch
region1.google-analytics.com
storage.cpstatic.ch
tickets.nordstern.com
www.facebook.com
www.googletagmanager.com
www.nordstern.com
199.36.158.100
2001:4860:4802:32::36
23.213.161.209
2a00:1450:4001:830::2008
2a02:26f0:1700:11::b856:6785
2a02:26f0:3500:886::f09
2a02:26f0:3500:887::f09
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
5.148.164.236
5.148.164.238
08891e61c925793fcc8fe8a14be775132dbef41d3e6b9e154280b7437e7434a2
16efb6be6a1bfbb7df3c9fbe24b3c1e5005311322ea627d151d5d60edd4d6124
1ca2f6ba3dd074d9b9999eb4a4b4b690fe266d1e7b6bec9e6b2b92b0d54e3ded
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3a1f996dbd3ef17c692aff5a11f0947ec16a502cf8f1d6d4fe9d018360d2d295
43e74149623bbe387389bb5175b14ecaf62d8be2d3259663c9d2b1bf8f56a934
4c0335004b17fa71dd4ac910f6b5fef6083dacecdb2191ac3133d6ded34e68c6
586719ccff0c035069b047d914eeaa8d16383b909295a4b1f6ccd1a2d08a89c2
5d6ebaddd3c238cebe0e7d1339f8e4363ebefc77526284cec504601747833581
612296a45af5f7edd5dfaabd6419fee1465f5b4d62487acb82a6f4d33f94f6ce
6193ba0ffd08d44c09d8ac0ca0b1ef1bb93c16c9f460ccfbeaabeaa2d7dfc3a4
63bae03aa97278acb1d6f7863e593999bbdc5d280d2fa5a3050f234ce5eee850
66ecbfc18b31b4c8c4673903cfe40563043360526dc76f34ede6bbf93ff6207c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f732663011cd978b2209e45930c35707cb9e44b6509203105fea9ffabdcd521
7e2fcdda5b8aa6f196ccdeeb44f8ae9d9260de2e7c50e36935320925419d00db
8078bb694ae116fea7f546bd38a9ae25fef3944780c46a0a9f8bf2c65d07fef8
8878a6113d3767fcb0f7c88fdc432c839a4e4e6fe97dec5e24b0d5eb32addd88
9251ca18e76b98ae6b79f9d625d90056f9e49530a5232d50df1dd70e1c5c7119
95cf5dc840f68e7a859f520d29033e2291c3e6d0a3a6f14badda358e23e4e8e9
9832661ebeded78e51f43e887de4e2a5d657b9afd3757470ab086fdf34dd487f
99fcd8b506905634a2f90f83b794dca14fb0f77f230c0f7d4026cf8eae74b81a
a08c68763870541837bf99ac2ac91690289239f05771b227a32c1c376c18cdc8
a732a558a98552603d764646d9f80caa1ccf3db5ece884b53b4297ba2ecee302
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b3c9bfdae76dfd40d342bf8fb9920d9b0354657ed1df45ef13fad4541f776c0e
c8b3c211a03c0d74012ec99cf58237fdfa7a115abdf4bb5e715db06bffbaf26c
cee057e03ccc48219f397c9be076aec685c5f2d5d495bc9a464fe086aae32d2a
d891e16dbaf81b89f017b6516afdeffe602f8df1d5e269429e7b6eaf63726a03
e12bf6bb21175c0239aea53dcf99c90c953829c16dff6b69b9832d5c1e7c8628
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e465b1aa454a0105da61a2e27a592d528e2c708e7fb63688cad89b002f9a7cfc
e85cd4eb2a89e96b96b7420090ef8496240f4cade6a96fbc9571532b02dd1786
ea833e2735a61a60b815b434da037b82495d0e3c5436340ae79247af6d25488b
ec2624e81268de72e1f0221496a640fe1360d3eff7326e6a970278a173ee1a66
ec80ac865459d705425723f72ed7b21f075fc718149f3fc3bc52adb409120fd2
ef3e4c97b638953a584c78a656f64b6da23c9a30587a9ae0f3afb3a0dbdaa038
f8a9c40a5a1ebd74631e623811fe52ac00d743f1c0b6aab1501b3044dd72cc85
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c