www.shenyun.com Open in urlscan Pro
130.211.181.80 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Submission: On January 30 via manual (January 30th 2023, 6:37:32 am UTC) from US — Scanned from DE

Summary HTTP 199 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 55 IPs in 10 countries across 66 domains to perform 199 HTTP transactions. The main IP is 130.211.181.80, located in Council Bluffs, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is www.shenyun.com. The Cisco Umbrella rank of the primary domain is 391287.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 27th 2022. Valid for: a year.

This is the only time www.shenyun.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	130.211.181.80 130.211.181.80	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	2a02:26f0:11a... 2a02:26f0:11a::217:9a48	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
1 3	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:26f0:10e... 2a02:26f0:10e::6860:5baa	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
18	2a00:1450:400... 2a00:1450:400d:802::200e	15169 (GOOGLE) (GOOGLE)
1 33	52.46.128.147 52.46.128.147	16509 (AMAZON-02) (AMAZON-02)
3	162.251.166.218 162.251.166.218	63018 (DEDICATED) (DEDICATED)
1	52.218.243.160 52.218.243.160	16509 (AMAZON-02) (AMAZON-02)
1	35.190.11.202 35.190.11.202	15169 (GOOGLE) (GOOGLE)
4	65.9.66.103 65.9.66.103	16509 (AMAZON-02) (AMAZON-02)
1	143.204.215.78 143.204.215.78	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
4	2600:1901:0:7... 2600:1901:0:7af::	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2600:9000:206... 2600:9000:206f:7c00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:11a... 2a02:26f0:11a::217:9a4b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.195.36.112 34.195.36.112	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
2	216.158.231.78 216.158.231.78	19318 (IS-AS-1) (IS-AS-1)
1 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	18.65.33.149 18.65.33.149	16509 (AMAZON-02) (AMAZON-02)
3 3	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.86.139.113 185.86.139.113	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	3.67.120.212 3.67.120.212	16509 (AMAZON-02) (AMAZON-02)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	18.195.202.31 18.195.202.31	16509 (AMAZON-02) (AMAZON-02)
1 1	23.6.126.9 23.6.126.9	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 2	3.72.213.91 3.72.213.91	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:851e:f269:97b5:da7b	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	2.18.79.136 2.18.79.136	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	13.224.190.131 13.224.190.131	16509 (AMAZON-02) (AMAZON-02)
1	34.248.136.204 34.248.136.204	16509 (AMAZON-02) (AMAZON-02)
2 2	52.28.31.160 52.28.31.160	16509 (AMAZON-02) (AMAZON-02)
1	50.19.231.193 50.19.231.193	14618 (AMAZON-AES) (AMAZON-AES)
1 1	3.222.151.93 3.222.151.93	14618 (AMAZON-AES) (AMAZON-AES)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	34.241.134.251 34.241.134.251	16509 (AMAZON-02) (AMAZON-02)
1 1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	37.157.4.39 37.157.4.39	198622 (ADFORM) (ADFORM)
2 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 1	52.58.99.101 52.58.99.101	16509 (AMAZON-02) (AMAZON-02)
1 1	52.59.87.127 52.59.87.127	16509 (AMAZON-02) (AMAZON-02)
2 2	142.251.208.98 142.251.208.98	15169 (GOOGLE) (GOOGLE)
1	35.170.45.72 35.170.45.72	14618 (AMAZON-AES) (AMAZON-AES)
2 2	143.204.215.7 143.204.215.7	16509 (AMAZON-02) (AMAZON-02)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 1	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2 2	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1 1	104.237.150.96 104.237.150.96	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
1 1	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2600:9000:205... 2600:9000:2057:4400:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
3	69.10.32.19 69.10.32.19	19318 (IS-AS-1) (IS-AS-1)
4	23.62.220.203 23.62.220.203	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:1f18:730... 2600:1f18:730:b140:7681:9678:781c:27c9	14618 (AMAZON-AES) (AMAZON-AES)
1	18.207.63.238 18.207.63.238	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400d:807::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:16::9	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:802::2016	15169 (GOOGLE) (GOOGLE)
2	34.231.246.225 34.231.246.225	14618 (AMAZON-AES) (AMAZON-AES)
2 4	50.112.131.245 50.112.131.245	16509 (AMAZON-02) (AMAZON-02)
199	55

34 130.211.181.80 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 80.181.211.130.bc.googleusercontent.com

www.shenyun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:11a::217:9a48 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:802::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10e::6860:5baa (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:400d:802::200e (Ireland)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 52.46.128.147 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.251.166.218 (Los Angeles, United States)

ASN63018 (DEDICATED, US)
PTR: pour-screen.talksmarts.com

matomo.ticketingbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.243.160 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.11.202 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 202.11.190.35.bc.googleusercontent.com

assets.kochava.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.66.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-103.fra56.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-78.fra53.r.cloudfront.net

pix.pub	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1901:0:7af:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

web-sdk.control.kochava.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:7c00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::217:9a4b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.36.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-36-112.compute-1.amazonaws.com

cs.choozle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.158.231.78 (United States)

ASN19318 (IS-AS-1, US)

tracking.ticketingbox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.33.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-33-149.ams1.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.21 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.67.120.212 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-120-212.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.202.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-202-31.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.6.126.9 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-6-126-9.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.72.213.91 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-213-91.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:851e:f269:97b5:da7b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

amazon.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.79.136 (Vienna, Austria) 2 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-79-136.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.190.131 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-190-131.fra2.r.cloudfront.net

www.imdb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.136.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-136-204.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.31.160 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-31-160.eu-central-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.19.231.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-231-193.compute-1.amazonaws.com

usersync.samplicio.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.222.151.93 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-151-93.compute-1.amazonaws.com

ads.samba.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.241.134.251 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-134-251.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.99.101 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-99-101.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.87.127 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-87-127.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.208.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s41-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.170.45.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-45-72.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.7 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-7.fra53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.19 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.243.60.138 (Norresundby, Denmark) 2 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.237.150.96 (Cedar Knolls, United States) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: lciapi-ewr-06.ninthdecimal.com

lciapi.ninthdecimal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.132 (United States) 1 redirects

ASN54113 (FASTLY, US)

pi.ispot.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands) 1 redirects

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:4400:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.10.32.19 (Secaucus, United States)

ASN19318 (IS-AS-1, US)
PTR: vda3400b.is.cc

marketing.shenyunonline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.62.220.203 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-203.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b140:7681:9678:781c:27c9 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.207.63.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-207-63-238.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2006 (Ireland)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::200a (Ireland)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:16::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

rr4---sn-4g5ednd7.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:802::2016 (Ireland)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.231.246.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-246-225.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 50.112.131.245 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-50-112-131-245.us-west-2.compute.amazonaws.com

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	shenyun.com www.shenyun.com — Cisco Umbrella Rank: 391287	2 MB
33	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 271	24 KB
18	youtube.com www.youtube.com — Cisco Umbrella Rank: 76	971 KB
12	googlevideo.com rr4---sn-4g5ednd7.googlevideo.com — Cisco Umbrella Rank: 118005	7 MB
10	typekit.net use.typekit.net — Cisco Umbrella Rank: 436 p.typekit.net — Cisco Umbrella Rank: 598	307 KB
9	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 static.doubleclick.net — Cisco Umbrella Rank: 214	3 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4470 www.google.com — Cisco Umbrella Rank: 2	15 KB
5	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 2573 rp.liadm.com — Cisco Umbrella Rank: 1488 rp4.liadm.com — Cisco Umbrella Rank: 6738 idx.liadm.com — Cisco Umbrella Rank: 2065	14 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	72 KB
5	kochava.com assets.kochava.com — Cisco Umbrella Rank: 21212 web-sdk.control.kochava.com — Cisco Umbrella Rank: 20616	9 KB
5	ticketingbox.com matomo.ticketingbox.com — Cisco Umbrella Rank: 485021 tracking.ticketingbox.com — Cisco Umbrella Rank: 444213	143 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 jnn-pa.googleapis.com — Cisco Umbrella Rank: 189	31 KB
4	alocdn.com 2 redirects p.alocdn.com — Cisco Umbrella Rank: 6105	2 KB
4	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 779	2 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 353 www.linkedin.com — Cisco Umbrella Rank: 575 px4.ads.linkedin.com — Cisco Umbrella Rank: 6074	3 KB
4	google.de www.google.de — Cisco Umbrella Rank: 5986	732 B
4	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2909	12 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21	66 KB
3	shenyunonline.com marketing.shenyunonline.com — Cisco Umbrella Rank: 398987	29 KB
3	pubmatic.com 3 redirects image2.pubmatic.com — Cisco Umbrella Rank: 872 image6.pubmatic.com — Cisco Umbrella Rank: 733	973 B
3	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 274 cms.analytics.yahoo.com — Cisco Umbrella Rank: 833	684 B
3	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 524 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 416	2 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	3 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 351	12 KB
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	96 KB
2	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 229	11 KB
2	semasio.net 2 redirects uipglob.semasio.net — Cisco Umbrella Rank: 1110	1 KB
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 417	352 B
2	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 148	547 B
2	serving-sys.com 2 redirects bs.serving-sys.com — Cisco Umbrella Rank: 1522 lm.serving-sys.com — Cisco Umbrella Rank: 2229	779 B
2	spotxchange.com 2 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 660	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 568	998 B
2	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 197	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 308 token.rubiconproject.com — Cisco Umbrella Rank: 548	674 B
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 2166	873 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 581 usermatch.krxd.net — Cisco Umbrella Rank: 1360	358 B
2	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 629	2 KB
2	myvisualiq.net 2 redirects t.myvisualiq.net — Cisco Umbrella Rank: 1848	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 281	887 B
2	adsrvr.org 1 redirects insight.adsrvr.org — Cisco Umbrella Rank: 595	408 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	257 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	136 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	165 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 198	35 KB
1	taboola.com 1 redirects sync.taboola.com — Cisco Umbrella Rank: 919	168 B
1	ispot.tv 1 redirects pi.ispot.tv — Cisco Umbrella Rank: 2304	343 B
1	ninthdecimal.com 1 redirects lciapi.ninthdecimal.com — Cisco Umbrella Rank: 2590	750 B
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1252	324 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 329	140 B
1	mookie1.com 1 redirects odr.mookie1.com — Cisco Umbrella Rank: 1006	634 B
1	samba.tv 1 redirects ads.samba.tv — Cisco Umbrella Rank: 4791	418 B
1	samplicio.us usersync.samplicio.us — Cisco Umbrella Rank: 2586	263 B
1	imdb.com 1 redirects www.imdb.com — Cisco Umbrella Rank: 2365	879 B
1	tremorhub.com amazon.partners.tremorhub.com — Cisco Umbrella Rank: 4563	183 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 545	472 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 457	484 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 560	163 B
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net	667 B
1	choozle.com cs.choozle.com — Cisco Umbrella Rank: 7389	123 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 814	375 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 623	394 B
1	t.co t.co — Cisco Umbrella Rank: 531	378 B
1	pix.pub pix.pub — Cisco Umbrella Rank: 2721	412 B
1	amazonaws.com s3-us-west-2.amazonaws.com	35 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 707	5 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 625	15 KB
199	66

	Domain	Requested by
34	www.shenyun.com	www.shenyun.com
33	s.amazon-adsystem.com	1 redirects www.shenyun.com s.amazon-adsystem.com
18	www.youtube.com	www.shenyun.com www.youtube.com
12	rr4---sn-4g5ednd7.googlevideo.com	www.youtube.com
9	use.typekit.net	www.shenyun.com use.typekit.net
4	p.alocdn.com	2 redirects
4	jnn-pa.googleapis.com	www.youtube.com
4	ct.pinterest.com	www.shenyun.com
4	www.google.com	www.shenyun.com www.youtube.com
4	web-sdk.control.kochava.com	assets.kochava.com
4	www.google.de	www.shenyun.com
4	nexus.ensighten.com	www.googletagmanager.com nexus.ensighten.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.shenyun.com
3	marketing.shenyunonline.com	www.shenyun.com marketing.shenyunonline.com
3	ib.adnxs.com	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	matomo.ticketingbox.com	www.shenyun.com matomo.ticketingbox.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.shenyun.com
3	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com www.youtube.com
2	idx.liadm.com	b-code.liadm.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	i.ytimg.com	www.youtube.com
2	yt3.ggpht.com	www.youtube.com
2	image6.pubmatic.com	2 redirects
2	uipglob.semasio.net	2 redirects
2	us-u.openx.net	s.amazon-adsystem.com
2	sb.scorecardresearch.com	2 redirects
2	cm.g.doubleclick.net	2 redirects
2	sync.search.spotxchange.com	2 redirects
2	c1.adform.net	2 redirects
2	dpm.demdex.net	2 redirects
2	match.360yield.com	2 redirects
2	ads.stickyadstv.com	2 redirects
2	t.myvisualiq.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	x.bidswitch.net	2 redirects
2	dsum-sec.casalemedia.com	2 redirects
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	tracking.ticketingbox.com	www.googletagmanager.com tracking.ticketingbox.com
2	www.facebook.com	www.shenyun.com
2	px.ads.linkedin.com	2 redirects
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	www.shenyun.com connect.facebook.net
2	www.googletagmanager.com	www.shenyun.com www.googletagmanager.com
2	cdnjs.cloudflare.com	www.shenyun.com
1	static.doubleclick.net	www.youtube.com
1	rp4.liadm.com	www.shenyun.com
1	rp.liadm.com	1 redirects
1	b-code.liadm.com	s3-us-west-2.amazonaws.com
1	sync.taboola.com	1 redirects
1	pi.ispot.tv	1 redirects
1	lciapi.ninthdecimal.com	1 redirects
1	loadus.exelator.com	s.amazon-adsystem.com
1	token.rubiconproject.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	eb2.3lift.com	s.amazon-adsystem.com
1	ssum-sec.casalemedia.com	1 redirects
1	usermatch.krxd.net	s.amazon-adsystem.com
1	lm.serving-sys.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	odr.mookie1.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	ads.samba.tv	1 redirects
1	usersync.samplicio.us	s.amazon-adsystem.com
1	beacon.krxd.net	s.amazon-adsystem.com
1	www.imdb.com	1 redirects
1	cms.analytics.yahoo.com	s.amazon-adsystem.com
1	amazon.partners.tremorhub.com	s.amazon-adsystem.com
1	tags.bluekai.com	1 redirects
1	aa.agkn.com	1 redirects
1	rtb-csync.smartadserver.com	s.amazon-adsystem.com
1	d1eoo1tco6rr5e.cloudfront.net	nexus.ensighten.com
1	cs.choozle.com	www.shenyun.com
1	p.typekit.net	use.typekit.net
1	px4.ads.linkedin.com	www.shenyun.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	analytics.twitter.com	www.shenyun.com
1	t.co	www.shenyun.com
1	pix.pub	www.shenyun.com
1	assets.kochava.com	www.shenyun.com
1	s3-us-west-2.amazonaws.com	www.shenyun.com
1	snap.licdn.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	fonts.googleapis.com	www.shenyun.com
199	86

This site contains links to these domains. Also see Links.

Domain
shenyun.org
www.shenyun.org
zh-tw.shenyun.com
zh-cn.shenyun.com
ja.shenyun.com
ko.shenyun.com
cs.shenyun.com
da.shenyun.com
de.shenyun.com
es.shenyun.com
fr.shenyun.com
id.shenyun.com
it.shenyun.com
nl.shenyun.com
pl.shenyun.com
pt.shenyun.com
ru.shenyun.com
ro.shenyun.com
sv.shenyun.com
vi.shenyun.com
il.shenyun.com
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com

Subject Issuer	Validity	Valid
*.shenyun.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-27` - `2023-06-03`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-02-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
matomo.ticketingbox.com R3	`2023-01-08` - `2023-04-08`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon	`2022-09-21` - `2023-08-24`	a year	crt.sh
*.kochava.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-13` - `2023-10-04`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
pix.pub Amazon	`2022-12-11` - `2024-01-09`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.control.kochava.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-25` - `2023-05-14`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.choozle.com Amazon	`2022-05-18` - `2023-06-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.ticketingbox.com Sectigo RSA Domain Validation Secure Server CA	`2022-09-07` - `2023-09-10`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.samplicio.us Amazon	`2022-03-18` - `2023-04-16`	a year	crt.sh
usermatch.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
*.liadm.com Amazon	`2023-01-01` - `2024-01-30`	a year	crt.sh
*.shenyunonline.com R3	`2023-01-24` - `2023-04-24`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-01-17` - `2023-03-28`	2 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Frame ID: E8DE3ED2B2CEDF9F479369E904DFE6D1
Requests: 112 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D10529260-f674-acd3-88c0-cae47253132e%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.shenyun.com&ex-hargs=v%3D1.0%3Bc%3D5067583900501%3Bp%3D10529260-F674-ACD3-88C0-CAE47253132E&cb=711828890855725600&dcc=t
Frame ID: DD841D90448FB32BF9D28427020913B0
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=fRvcdKEPRcCUWWg54r5-wg&dmt=3&ex-pl-n-g-hmt=CqsqhWH8Qda4DDfRGsrh5g&ep=ttam_T219Ay-cPciHbT10g8ziWaa65mjXUdp-0zi8d2X7yblAPiSJq8WMkUiCQ-34H92nQQWtJmg9H6t95VznmH59tN9doGsE0uXQvkP9As8S_Fa1rQcQ2fWDDq9wTw-mvYJIM3qhXk-DzL9pCoOswgEC-OKxz6fjgmU4SJ806zJIXxx_zBdYpakq-rEBaqZqtQv5rhGaWKP6_VENXi0IyyFBPfvNUBb1SD40QEY6duOmjg4-6Y6XCWAF1Gw0ipyjObZbE-AecyO9ixvbU-N0tYBZy3-ZQv2O7Yz-jF13XB9GPwCvWTfu7k0-QZhbgHVWDip4Ft9FRQXt3Y7Z__wWevhbrd1P7w3DuJsqotykhQpdhKpxft8j2r7F9hOPldaDhftKLYIWCRye9XsL4KLxc8WPkdfmg-Bk51G61XGiezHlcH3EnNA070W9KpqLVEgWBlDAdbFI8wRMczCLW1aECs7pleSsno8Z5EvQrXrkxAejP_LMQYIHgj6zlO5me1Mz8EfyIAP9-4p-lstd1eeWBXPIOINZu9cmfa7xvsaV04qO7geMU_vfq7A1vGwCxCGmPj7wbYxRqxg0PdgpOK3ypNhmbekzL1Br2NbhXW8JhA
Frame ID: 7E6516707E27ACA5CF84770795DFB8DC
Requests: 41 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/xrrgolm/4f0vw3u/iframe
Frame ID: 3F59573BDD5DD96EED5161D137867F0E
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F0593A1B68B850412B0C62CAC8964B8E
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
Frame ID: 6D1F34C23A35BD04E078130F5E7EBA7F
Requests: 43 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Shen Yun 2023 in LA

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

199
Requests

82 %
HTTPS

33 %
IPv6

66
Domains

86
Subdomains

55
IPs

10
Countries

11398 kB
Transfer

16733 kB
Size

87
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://shenyun.org/
Title: Home

Search URL Search Domain Scan URL

URL: https://www.shenyun.org/
Title: Shen Yun homepage

Search URL Search Domain Scan URL

URL: https://zh-tw.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: 中文正體

Search URL Search Domain Scan URL

URL: https://zh-cn.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: 中文简体

Search URL Search Domain Scan URL

URL: https://ja.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: 日本語

Search URL Search Domain Scan URL

URL: https://ko.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: 한국어

Search URL Search Domain Scan URL

URL: https://cs.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: Česky

Search URL Search Domain Scan URL

URL: https://da.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: Dansk

Search URL Search Domain Scan URL

URL: https://de.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://es.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: Español

Search URL Search Domain Scan URL

URL: https://fr.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: Français

Search URL Search Domain Scan URL

URL: https://id.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: Indonesia

Search URL Search Domain Scan URL

URL: https://it.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: Italiano

Search URL Search Domain Scan URL

URL: https://nl.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://pl.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: Polski

Search URL Search Domain Scan URL

URL: https://pt.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: Português

Search URL Search Domain Scan URL

URL: https://ru.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: Pусский

Search URL Search Domain Scan URL

URL: https://ro.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: Română

Search URL Search Domain Scan URL

URL: https://sv.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: Svenska

Search URL Search Domain Scan URL

URL: https://vi.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: Việt

Search URL Search Domain Scan URL

URL: https://il.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Title: עברית

Search URL Search Domain Scan URL

URL: https://www.shenyun.org/?lang=en-us
Title: Go to theShen Yun company homepage

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ShenYunPerformingArts

Search URL Search Domain Scan URL

URL: https://twitter.com/shenyun

Search URL Search Domain Scan URL

URL: https://www.instagram.com/shenyunperformingarts/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/shen-yun-performing-arts/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/shenyun

Search URL Search Domain Scan URL

URL: https://www.shenyun.org/contact-us?lang=en-us
Title: Contact us

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D10529260-f674-acd3-88c0-cae47253132e%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.shenyun.com&ex-hargs=v%3D1.0%3Bc%3D5067583900501%3Bp%3D10529260-F674-ACD3-88C0-CAE47253132E&cb=711828890855725600 HTTP 302
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D10529260-f674-acd3-88c0-cae47253132e%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.shenyun.com&ex-hargs=v%3D1.0%3Bc%3D5067583900501%3Bp%3D10529260-F674-ACD3-88C0-CAE47253132E&cb=711828890855725600&dcc=t

Request Chain 36

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=104907&time=1675060635689&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D104907%26time%3D1675060635689%26url%3Dhttps%253A%252F%252Fwww.shenyun.com%252Fla%253Fvideoid%253DcJlL1Q1dzv0%2526playvideo%253D1%2526utm_source%253Dshenyun%2526utm_medium%253Demail%2526utm_campaign%253Dca_sale%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=104907&time=1675060635689&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=104907&time=1675060635689&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&liSync=true&e_ipv6=AQKdFIEgqE2SfwAAAYYBZOnHb1uPqEXeisbcTTAB5WrMQ1VEOi45-xdzx2caoQ7yPvkTk-KoIm1cOXBYXUDp1TuYYREn

Request Chain 68

https://insight.adsrvr.org/tags/xrrgolm/4f0vw3u/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/xrrgolm/4f0vw3u/iframe

Request Chain 69

https://ib.adnxs.com/setuid/a9?entity=188&code=X9NDcLNeQS-EBprR7OUFCg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DX9NDcLNeQS-EBprR7OUFCg%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=X9NDcLNeQS-EBprR7OUFCg

Request Chain 71

https://aa.agkn.com/adscores/g.pixel?sid=9212284268 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=216423104412000516620&ex=neustar.biz

Request Chain 72

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=n-qTzPPCQbexplxyQwOG9w&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=n-qTzPPCQbexplxyQwOG9w&C=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y9dlnFh0yM1n1fpSV.ODSwAA

Request Chain 73

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=488cdc79f6c7d4951de15155b4940574

Request Chain 74

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Request Chain 75

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Kv1HmJy7TgSHXh0QBj-KRw HTTP 302
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Kv1HmJy7TgSHXh0QBj-KRw&verify=true HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Kv1HmJy7TgSHXh0QBj-KRw

Request Chain 76

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=02f86af4-bd3b-456c-a7d4-f386de3a9e59

Request Chain 79

https://ads.stickyadstv.com/user-matching?id=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=b45fa1ca8ec3439c969df0a9d56bd8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Request Chain 80

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com HTTP 302
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Request Chain 82

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=10b96219-5cb2-4ae1-8902-562547acaa2d&ex=improvedigital.com

Request Chain 84

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10ad92da71a90ba2d

Request Chain 85

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=KS_PkLM-TkuZ76IWsnXU_Q&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KS_PkLM-TkuZ76IWsnXU_Q

Request Chain 86

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=MRjZ5xqYTMGVA-5tJ4NVlQ&redirectId=2545 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=32bcea7a24d994d15650fa745b896ee6&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=MRjZ5xqYTMGVA-5tJ4NVlQ

Request Chain 87

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=7LIMbcI-TFqlpZ1U5FyQfw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=7LIMbcI-TFqlpZ1U5FyQfw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=90887214294766903914596206954565444887

Request Chain 88

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=sZuxq4uZRfux3_lXLFYb2w HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812650126470625724&gdpr=&gdpr_consent=

Request Chain 89

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=1347644232904364128

Request Chain 90

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=8a06e6ab-a068-11ed-9a03-11e121d60406 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=8a06e653-a068-11ed-9a03-11e121d60406

Request Chain 91

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D HTTP 302
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22ce887b13-ba18-4e67-96ba-1c51b9bf5dec%22,%22Time%22:%2220230130T063717.247667%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%] HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=ce887b13-ba18-4e67-96ba-1c51b9bf5dec

Request Chain 92

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEERDwUN8spWMeljeD3EC2L0&google_cver=1

Request Chain 94

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=71dcae6ef3ded75ff7537bbdcfc8a6f0

Request Chain 96

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__ HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=index&id=KoVSrAhAgrUXh7lmLobtfjc4ZGE4ZgAC

Request Chain 98

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=5A95262879136ED0

Request Chain 99

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
https://s.amazon-adsystem.com/ecm3?id=1521403397565078471&ex=appnexus.com

Request Chain 100

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=0TkDW9D0QsCsHAdLd3KkYA&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%3D%24%7BDSP_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=0TkDW9D0QsCsHAdLd3KkYA

Request Chain 101

https://token.rubiconproject.com/token?pid=2179&pt=n HTTP 302
https://s.amazon-adsystem.com/ecm3?id=xT7U-rZj-C91HZP2bmUGjsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=CqsqhWH8Qda4DDfRGsrh5g& HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Request Chain 104

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED689D65D763B904BE8102EA74EA

Request Chain 105

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=243ae733c88081f28505e5c8536fa10d3485c8ffb04909ed947e5475e412b8bf

Request Chain 106

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=19200001-CEDF-4DEE-B14E-4E6AC6943057

Request Chain 108

https://sync.taboola.com/sg/amazon-a9-network/1/rtb HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=8189b96a-60cd-4dee-9684-645ac0b707b1-tuctad0eb1d

Request Chain 145

https://rp.liadm.com/j?dtstmp=1675060636670&se=e30&duid=695bdd977528--01gr0p9ttvfgdk6dkm9kcn1az0&tna=v2.6.0&pu=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&wpn=lc-bundle HTTP 302
https://rp4.liadm.com/j?dtstmp=1675060636670&se=e30&duid=695bdd977528--01gr0p9ttvfgdk6dkm9kcn1az0&tna=v2.6.0&pu=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDEyOjMyZGI6NjliZjpjYzc%3D&n3pc=true

Request Chain 158

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 193

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=WN2HRW8-suppression&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale HTTP 302
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=WN2HRW8-suppression&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&tdc=1

Request Chain 195

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=WN2HRW8-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fwn2hrw8%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.0%2522%252C%2522guid%2522%253A%25228b974a1b-7db3-4ce1-844d-1db54ce09b4c%2522%257D&title=Shen%20Yun%202023%20in%20LA&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale HTTP 302
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=WN2HRW8-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fwn2hrw8%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.0%2522%252C%2522guid%2522%253A%25228b974a1b-7db3-4ce1-844d-1db54ce09b4c%2522%257D&title=Shen%20Yun%202023%20in%20LA&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&tdc=1

199 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request la Show response
www.shenyun.com/ 32 KB
8 KB 578ms
134ms Document
text/html 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 74cecc89819e65004f3a97f48e4a125a2ad5df1a7dc27b31018c452ceb954d46

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 8120
content-type: text/html; charset=UTF-8
date: Mon, 30 Jan 2023 06:37:15 GMT
last-modified: Mon, 30 Jan 2023 06:37:03 GMT

GET
H2 200 main.8b05a54f.css
www.shenyun.com/build-dist/cp2023/static/css/ 561 KB
175 KB 138ms
131ms Stylesheet
text/css 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/css/main.8b05a54f.css
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: abd82c01ba9ebead686986e83dd3310e068ffa820b57d02bcef87bfa7eeaf916

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:37 GMT
content-length: 179398
content-type: text/css; charset=utf-8

GET
H2 200 main.e3bf3dbc.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 548 KB
172 KB 536ms
528ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 0480433e0bce8edb171c6a3c31efe149745a88e2a9690807cddc3889ec088eef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:22 GMT
content-length: 175514
content-type: application/javascript; charset=utf-8

GET
H2 200 vfi2kwh.css
use.typekit.net/ 8 KB
1 KB 199ms
44ms Stylesheet
text/css 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/vfi2kwh.css

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

45f01b9990b08fb05e4804081661662d94dbc3bd99c644b7774fc0448e1d43a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 30 Jan 2023 06:37:15 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1166

GET
H2 200 css
fonts.googleapis.com/ 2 KB
839 B 165ms
60ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Serif+Display:400,400i&display=swap

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30a8327f0cb688bc7a1767099188abf9be47de99d00cc92417590a4687909fc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Jan 2023 06:37:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 06:37:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Jan 2023 06:37:15 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 87 KB
28 KB 76ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.shenyun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3279035
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27938
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603e8adc-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PlcbgNdvLJ%2FbpnBouYFT0TokoQUYgVzrigv9f384yZfpDLWbOV0SMlLExd%2BSjzIAO0SDa3Hv5v9gHDfqh%2BZYv4DdYe0aWo3Hj8KoE4vw35jjpDOUMdL5RUPx%2FnO0KjwEgL9RxK%2BttDsT94Z3zEc1LDja"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 791832aa4ab72be4-FRA
expires: Sat, 20 Jan 2024 06:37:15 GMT

GET
H2 200 jquery.magnific-popup.min.js Show response
cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.0.0/ 21 KB
7 KB 82ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.0.0/jquery.magnific-popup.min.js

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0785e2b2433cb69472a6dc71d2c6f64a58d73aa0735ca4838b5f0223b36898b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://www.shenyun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2255792
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6846
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-5281"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8as9LEQFdcD68PDO9ohT1ujDWQC5lsluQVcpONQQXlgv%2BVx%2FBZG2iorHfEA1ec8iHFK3MIzokSq89fRo5GCsYFxYsV1%2FTWNcY37EOqyg3Nx98FtQyvpRCHrslijqNxgiQia0X%2Ff3fSgKwIOrvr7Q%2Ba9T"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 791832aa4ab92be4-FRA
expires: Sat, 20 Jan 2024 06:37:15 GMT

GET
H2 200 default.css
www.shenyun.com/module/shenyun2022h/css/en-us/ 2 KB
460 B 530ms
527ms Stylesheet
text/css 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/module/shenyun2022h/css/en-us/default.css?v=1675060623
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 08cb06f8517f74dba1b9139be1740ff28ebfbc3bccf6f5eb737a99f4f1f5dd2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

expires: Mon, 30 Jan 2023 09:37:15 GMT
date: Mon, 30 Jan 2023 06:37:15 GMT
cache-control: max-age=10800
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 06:37:04 GMT
content-length: 374
content-type: text/css; charset=utf-8

GET
H2 200 dresscode-290417bd3a.js Show response
www.shenyun.com/themes/dresscode/app/main/ 123 KB
41 KB 530ms
527ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/themes/dresscode/app/main/dresscode-290417bd3a.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 4009d9cd874341f6fd65ceaf062f6ff7a414b2b313aa69cd59b4b30b9805a8b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:09 GMT
content-length: 42090
content-type: application/javascript; charset=utf-8

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 264 KB
89 KB 158ms
60ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0a5506366466f2a5c9d69b8036ee2b9c9a13b3248314442ba4b218a17d822bfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90862
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Jan 2023 06:37:15 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 121 KB
46 KB 166ms
59ms Script
application/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-TPHWWPG

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6222c5a854cc32fc0f16fa69f42c928e92163fe08ede0e2ac46e99ca0a709174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46856
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Jan 2023 06:37:15 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 145ms
34ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6363-VIE

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/977179039/ 2 KB
1 KB 189ms
96ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/977179039/?random=1675060635500&cv=11&fst=1675060635500&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&tiba=Shen%20Yun%202023%20in%20LA&auid=1015857699.1675060635&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c330d304732698e8cce849068708ab1f5d5b0c543080e32213b8f11ccf01a435

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 132ms
45ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Mon, 30 Jan 2023 06:37:15 GMT
last-modified: Mon, 23 Jan 2023 19:59:24 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D4D25C91BDE345A5849346C45FB687E5 Ref B: DUS30EDGE0715 Ref C: 2023-01-30T06:37:15Z
etag: "076bc30652fd91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11552

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 180ms
47ms Script
application/x-javascript 2a02:26f0:10e::6860:5baa
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:10e::6860:5baa Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=71043
accept-ranges: bytes
content-length: 4777

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 81ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 30 Jan 2023 06:37:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: iprWYa/bv1ZZiOjlZTF1vWkW/6C/43I/9x27DbQ5+FQRrjQdvEmLYcqKcuDOrKX5Q0a91weE08/Lzqb7exDwaw==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe_api Show response
www.youtube.com/ 992 B
2 KB 176ms
69ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 30 Jan 2023 06:37:15 GMT

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame DD84
Redirect Chain

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D10529260-f674-acd3-88c0-cae47253132e%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.shenyun.com&ex-hargs=v%3D1.0%3Bc%3D506758...
https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D10529260-f674-acd3-88c0-cae47253132e%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.shenyun.com&ex-hargs=v%3D1.0%3Bc%3D506758...

1 KB
2 KB

129ms
128ms

Document
text/html

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D10529260-f674-acd3-88c0-cae47253132e%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.shenyun.com&ex-hargs=v%3D1.0%3Bc%3D5067583900501%3Bp%3D10529260-F674-ACD3-88C0-CAE47253132E&cb=711828890855725600&dcc=t

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

0885d48a14c0e4cc3474d09c551348abf5c51484b1ecc37cf715c7288131ffb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.shenyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1230
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 30 Jan 2023 06:37:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 02MJJ44H8TT8WNNMTQD0

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Mon, 30 Jan 2023 06:37:15 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D10529260-f674-acd3-88c0-cae47253132e%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.shenyun.com&ex-hargs=v%3D1.0%3Bc%3D5067583900501%3Bp%3D10529260-F674-ACD3-88C0-CAE47253132E&cb=711828890855725600&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: H64JT135F1JCM5EWE2ER

GET
H/1.1 200
OK matomo.js Show response
matomo.ticketingbox.com/ 139 KB
139 KB 739ms
180ms Script
application/javascript 162.251.166.218
DEDICATED

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.ticketingbox.com/matomo.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.251.166.218 Los Angeles, United States, ASN63018 (DEDICATED, US),
Reverse DNS: pour-screen.talksmarts.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.32 /
Resource Hash: c13ef915cd254e5197d5021d9779857e3c3ce6c14825e3f89730b0ad8f46d490

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:37:16 GMT
Last-Modified: Sun, 01 Aug 2021 17:34:59 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.32
ETag: "22c96-5c882df39b85f"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 142486

GET
H/1.1 200
OK ge.js Show response
s3-us-west-2.amazonaws.com/jsstore/a/WN2HRW8/ 35 KB
35 KB 611ms
202ms Script
application/javascript 52.218.243.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/jsstore/a/WN2HRW8/ge.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.243.160 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 249120ad030ef95047c8a816452d2dc894c2cce7444f22cca9bbdac253ad9ac4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:37:17 GMT
Last-Modified: Thu, 05 Jan 2023 15:29:46 GMT
Server: AmazonS3
x-amz-request-id: VDBCJK4QXMCT9CQH
ETag: "7dfe09b236b94e8cc2f9478a45bc9e20"
Content-Type: application/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 35809
x-amz-id-2: hAJR8INWRUhaUMUUNI9uBr1fPRzUjCdYEEFIGKl+XcbCZlrL4YRdfktfZa2n+fF+ukPRzzgeqhI=
Expires: Sat, 04 Feb 2023 15:29:45 GMT

GET
H2 200 kochava.min.js Show response
assets.kochava.com/kochava.js/v2.2/ 8 KB
9 KB 111ms
23ms Script
text/javascript 35.190.11.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.kochava.com/kochava.js/v2.2/kochava.min.js?c=0.20372104412768266
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.11.202 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 202.11.190.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2773bebe58754475ba386259a546e1f57b60f8fab64c99ddb1c46e76b668d374

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:20:02 GMT
age: 1033
x-guploader-uploadid: ADPycdvwU1_gYLI7F06D_Ca6vSkwObdpkaufXvF5qHMY80FHeS3MENrMkbhDUG8E9CiPG8fxfQQzQM5s5U1McwK4WsYu3x1-wZtI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8687
last-modified: Wed, 17 Feb 2021 20:07:17 GMT
server: UploadServer
etag: "9520f23908e8538a7b8f7bb530b916e1"
vary: Origin
x-goog-generation: 1613592437531972
x-goog-hash: crc32c=jVO0wQ==, md5=lSDyOQjoU4p7j3u1MLkW4Q==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 8687
accept-ranges: bytes
expires: Mon, 30 Jan 2023 07:20:02 GMT

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/17496/ 29 KB
10 KB 127ms
25ms Script
application/javascript 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/17496/Bootstrap.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4103368efcd61fe807a4b5c6754fedccf58d7aec400b392c522e3e245f3714b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 15:26:15 GMT
x-amz-version-id: O.iHR.FToMoE8hC09E5TzFsPBhzF7Lpd
content-encoding: br
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 4547461
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 08 Dec 2022 15:25:41 GMT
server: AmazonS3
etag: W/"4a0f3b4673ce9462ad53b70eed77797a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: O-FLnQXRsBfsATIjc7t1_eJophJAWVW8f-2gHE9a0pcT0Pwa86LSTA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 60ms
59ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1ENQVSTJF6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f7b35ce4d7000cf65cdc7306f635d5633f14877bf8923eb8963386b5bc3e8180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77851
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Jan 2023 06:37:15 GMT

GET
H2 200 t.png
pix.pub/ 68 B
412 B 87ms
22ms Image
image/png 143.204.215.78
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pix.pub/t.png?&t=1675060635510&l=tvscientific-pix-o-96903f90-5217-48a0-8cbe-ae284fff1e1d&u3=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-78.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 17:00:11 GMT
via: 1.1 12c16baed6578bf50fb0eaa233f2bc84.cloudfront.net (CloudFront)
last-modified: Mon, 22 Mar 2021 14:38:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 49025
x-amz-server-side-encryption: AES256
etag: "8e31b8b47c618ed73e5b31011d1de037"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 68
x-amz-cf-id: -7aYQskNMlQaxSBLF0qynKxYgClLQ_utKgdLEeP_mf-NSWsk0DDAvw==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 93ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1ENQVSTJF6&gtm=2oe1p0&_p=2119554401&_gaz=1&cid=1374624689.1675060636&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675060635&sct=1&seg=0&dl=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&dt=Shen%20Yun%202023%20in%20LA&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1ENQVSTJF6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shenyun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
254 B 92ms
32ms Ping
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1ENQVSTJF6&cid=1374624689.1675060636&gtm=2oe1p0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1ENQVSTJF6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shenyun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 154ms
60ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1ENQVSTJF6&cid=1374624689.1675060636&gtm=2oe1p0&aip=1&z=1012773671

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 476904979116150 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 25ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/476904979116150?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f3fa50117b826f8dea3be8931e2777380f7ab8dfa6b458005985fe9779bd5bd5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 30 Jan 2023 06:37:15 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110078
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Hug9Wb7OA9+4Z4nUbO8vm9tFQOt0GsMLNkW4DNOTkvYV0yEUSUmD4YWTi7vjtVunMWxiLIaBX5NEd41JYjcz4A==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 json Show response
web-sdk.control.kochava.com/track/ 15 B
76 B 77ms
75ms XHR
text/html 2600:1901:0:7af::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://web-sdk.control.kochava.com/track/json
Requested by: Host: assets.kochava.com
URL: https://assets.kochava.com/kochava.js/v2.2/kochava.min.js?c=0.20372104412768266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7af:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 075a61c48ac3dd56cdf07086a2f7bae59363f88be99011dd8b73dcf7f2b9df75

Request headers

Referer: https://www.shenyun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: DNT,X-Challenge-Answer,X-Challenge-Id,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 json Show response
web-sdk.control.kochava.com/track/ 15 B
76 B 78ms
78ms XHR
text/html 2600:1901:0:7af::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://web-sdk.control.kochava.com/track/json
Requested by: Host: assets.kochava.com
URL: https://assets.kochava.com/kochava.js/v2.2/kochava.min.js?c=0.20372104412768266
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7af:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 075a61c48ac3dd56cdf07086a2f7bae59363f88be99011dd8b73dcf7f2b9df75

Request headers

Referer: https://www.shenyun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
via: 1.1 google
server: nginx
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: DNT,X-Challenge-Answer,X-Challenge-Id,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 json
web-sdk.control.kochava.com/track/ Frame 0
0 244ms
31ms Preflight
text/html 2600:1901:0:7af::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://web-sdk.control.kochava.com/track/json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7af:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.shenyun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: DNT,X-Challenge-Answer,X-Challenge-Id,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8
date: Mon, 30 Jan 2023 06:37:15 GMT
server: nginx
via: 1.1 google

OPTIONS
H2 200 json
web-sdk.control.kochava.com/track/ Frame 0
0 245ms
33ms Preflight
text/html 2600:1901:0:7af::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://web-sdk.control.kochava.com/track/json
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7af:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.shenyun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: DNT,X-Challenge-Answer,X-Challenge-Id,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8
date: Mon, 30 Jan 2023 06:37:15 GMT
server: nginx
via: 1.1 google

GET
H2 200 adsct
t.co/i/ 43 B
378 B 188ms
128ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=0f70628b-83e4-45f3-9477-f8f369b9a772&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=95526ed4-08a1-489d-a62a-7e954f587db0&tw_document_href=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw1o2&type=javascript&version=2.3.29

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 30 Jan 2023 06:37:15 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 1b72a583c641046f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 25a555ce19fd60738365699aa5161896ddd4dfca3b4998f23bad82b28e9b02e0
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 404ms
129ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=0f70628b-83e4-45f3-9477-f8f369b9a772&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=95526ed4-08a1-489d-a62a-7e954f587db0&tw_document_href=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw1o2&type=javascript&version=2.3.29

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-response-time: 106
date: Mon, 30 Jan 2023 06:37:15 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 68bce89f4382556c
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 4622158cacd4fa9e5451a6b586edd0a8d0c2077609aa3d7ad2821e0304c1ed19
content-length: 43

GET
H2 204 5066372.js Show response
bat.bing.com/p/action/ 0
118 B 116ms
115ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5066372.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Mon, 30 Jan 2023 06:37:15 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E4BC8BD48A094F7C9C73E7B0B3A4C6E2 Ref B: DUS30EDGE0715 Ref C: 2023-01-30T06:37:15Z
x-cache: CONFIG_NOCACHE

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/ 183 KB
62 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:36:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62798
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 30 Jan 2024 06:36:18 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/104907/domain/shenyun.com/ 36 B
375 B 101ms
25ms XHR
application/json 2600:9000:206f:7c00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/104907/domain/shenyun.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7c00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.shenyun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:00:39 GMT
content-encoding: gzip
via: 1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 2196
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: rNzo9O8e0n2tEeeCoqlVLOxeVTE7N_KvpEEjScR7hK8PgW3vaECiRg==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=104907&time=1675060635689&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Dema...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D104907%26time%3D1675060635689%26url%3Dhttps%253A%252F%252Fwww.shenyun.com%252Fla%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=104907&time=1675060635689&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Dema...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=104907&time=1675060635689&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Dem...

0
266 B

211ms
115ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=104907&time=1675060635689&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&liSync=true&e_ipv6=AQKdFIEgqE2SfwAAAYYBZOnHb1uPqEXeisbcTTAB5WrMQ1VEOi45-xdzx2caoQ7yPvkTk-KoIm1cOXBYXUDp1TuYYREn
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: AA9C59D5C4EB4DEFB0DFC95771162741 Ref B: FRAEDGE1516 Ref C: 2023-01-30T06:37:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzdXI0WZw6EwDMQ0QosQ==

Redirect headers

date: Mon, 30 Jan 2023 06:37:15 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: C8ADD4F4FEA543289C7D6AC29BA165D7 Ref B: FRAEDGE1414 Ref C: 2023-01-30T06:37:16Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=104907&time=1675060635689&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&liSync=true&e_ipv6=AQKdFIEgqE2SfwAAAYYBZOnHb1uPqEXeisbcTTAB5WrMQ1VEOi45-xdzx2caoQ7yPvkTk-KoIm1cOXBYXUDp1TuYYREn
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXzdXIxEX88uFphBZRe9g==

GET
H2 200 /
www.google.com/pagead/1p-user-list/977179039/ 42 B
455 B 156ms
62ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/977179039/?random=1675060635500&cv=11&fst=1675058400000&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&tiba=Shen%20Yun%202023%20in%20LA&fmt=3&is_vtc=1&random=1592520295&rmt_tld=0&ipr=y

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/977179039/ 42 B
154 B 100ms
64ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/977179039/?random=1675060635500&cv=11&fst=1675058400000&bg=ffffff&guid=ON&async=1&gtm=2wg1p0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&tiba=Shen%20Yun%202023%20in%20LA&fmt=3&is_vtc=1&random=1592520295&rmt_tld=1&ipr=y

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 36ms
35ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 06:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 931
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 30 Jan 2023 08:21:44 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 67ms
22ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=476904979116150&ev=PageView&dl=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&rl=&if=false&ts=1675060635779&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675060635778.1465750516&it=1675060635666&coo=false&rqm=GET

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 30 Jan 2023 06:37:15 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 142ms
32ms Stylesheet
text/css 2a02:26f0:11a::217:9a4b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=vfi2kwh&ht=tk&f=139.173.175.176.25136.8498.8500.8501.16382.16383.16384&a=6153036&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vfi2kwh.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a4b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
last-modified: Sun, 01 May 2022 15:58:42 GMT
server: nginx
etag: "626eae32-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/17496/ 409 B
714 B 46ms
45ms Script
text/javascript 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/17496/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/choozle/17496/code/&publishedOn=Thu%20Dec%2008%2015:25:34%20GMT%202022&ClientID=923&PageID=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/17496/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 2e37d2e645ae030e13d9422f759d2396f4b55e5404a7ab0e7e08581d037f7d1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 409
x-amz-cf-id: pIQ9vSwv-bwAQiOlTJbqLw-YvewNFnd7rly5TGux1Z4lI4xZTrtbYQ==
expires: Mon, 30 Jan 2023 06:37:14 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 56ms
56ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2119554401&t=pageview&_s=1&dl=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&ul=en-us&de=UTF-8&dt=Shen%20Yun%202023%20in%20LA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABQAAAACAAI~&jid=241689249&gjid=64064852&cid=1374624689.1675060636&tid=UA-16088546-3&_gid=766364357.1675060636&_r=1&_slc=1&gtm=2wg1p05VWGVS&z=2020397201

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shenyun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shenyun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 99611328e000b80011c36f621cfa765a.js Show response
nexus.ensighten.com/choozle/17496/code/ 2 KB
902 B 24ms
24ms Script
application/javascript 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/17496/code/99611328e000b80011c36f621cfa765a.js?conditionId0=421905
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/17496/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38a83c44c7fe60383ce5dd8e0f22953d45bbf23ff4898b1854137ce13c3c11e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 23:41:44 GMT
x-amz-version-id: i20OCBMenCA2cJDRBJg4v4lKf424.xoj
content-encoding: gzip
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 4604132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 19:41:17 GMT
server: AmazonS3
etag: W/"3d1c8cbc8fb9d7004d7ede2444fc7bc9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: GI82gfbMG15z-fbpBIvJkgGyJAVilWFVmmfIkkm67DrIR6yYJ_FSYg==

GET
H2 200 8c9e7a1b8d89b27632985ffb20f63025.js Show response
nexus.ensighten.com/choozle/17496/code/ 1 KB
1 KB 25ms
25ms Script
application/javascript 65.9.66.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/choozle/17496/code/8c9e7a1b8d89b27632985ffb20f63025.js?conditionId0=4944426&conditionId1=4944425
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/17496/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-103.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7dcaaf60c5fc6161585d557c8a473a515d6b41c28b1da41ed2eec646bd354bb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 23:41:44 GMT
x-amz-version-id: SkEjC1E6qkzkajXzo6XkDl0LcgQyWp8h
content-encoding: gzip
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 4604132
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 07 Dec 2022 19:43:21 GMT
server: AmazonS3
etag: W/"ba72fad1fd10bc9d757e36789f62725d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: kU5TgNYRpMqEMmHYCW3vtIkeq15rSIRx24GLz3mWoNA0cUr8fFhiXg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 33ms
32ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-16088546-3&cid=1374624689.1675060636&jid=241689249&gjid=64064852&_gid=766364357.1675060636&_u=YADAAEAAQAAAACAAI~&z=121603349

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shenyun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 06:37:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shenyun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 29053
cs.choozle.com/dp/chz/ 35 B
123 B 529ms
112ms Image
image/gif 34.195.36.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.choozle.com/dp/chz/29053?d=www.shenyun.com&cb=7141342787
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.36.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-36-112.compute-1.amazonaws.com
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 60ms
59ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-16088546-3&cid=1374624689.1675060636&jid=241689249&_u=YADAAEAAQAAAACAAI~&z=184892960

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 60ms
60ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-16088546-3&cid=1374624689.1675060636&jid=241689249&_u=YADAAEAAQAAAACAAI~&z=184892960

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 -nFhOHM81r4j6k0gjAW3mujVU2B2G_VB0PD2.woff2
fonts.gstatic.com/s/dmserifdisplay/v11/ 24 KB
24 KB 133ms
37ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmserifdisplay/v11/-nFhOHM81r4j6k0gjAW3mujVU2B2G_VB0PD2.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Serif+Display:400,400i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf76557868a511eff04bac35ebe0d91b481c5169681598856a65de0bfa218495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.shenyun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 20:03:57 GMT
x-content-type-options: nosniff
age: 556399
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24180
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 21:45:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 20:03:57 GMT

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 44 KB
44 KB 128ms
32ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=071f3017b92606d48b2a974b8c0eb8191609f944685db47de8c59ac12a5b4abe&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vfi2kwh.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5a35b9c324f9aa7968eacf59429642422f974ae67c1c573cb5d3fd465ed552ac

Request headers

Referer: https://use.typekit.net/vfi2kwh.css
Origin: https://www.shenyun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
server: nginx
etag: "74f7e59c3eae39aeacd316753548158495e71805"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44636

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 45 KB
46 KB 134ms
38ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=071f3017b92606d48b2a974b8c0eb8191609f944685db47de8c59ac12a5b4abe&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vfi2kwh.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a36c42905be5795cbcbb331ffb37a97a0562e514af606a61588ba05eb6786771

Request headers

Referer: https://use.typekit.net/vfi2kwh.css
Origin: https://www.shenyun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
server: nginx
etag: "ccb46b48db86cb78c58d6c6862ce0230342ce0a9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46296

GET
H2 200 l
use.typekit.net/af/3322cc/00000000000000007735e616/30/ 45 KB
46 KB 191ms
95ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=071f3017b92606d48b2a974b8c0eb8191609f944685db47de8c59ac12a5b4abe&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vfi2kwh.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fd3f66f0b5b828f420d6be5f65cd4c4691061624016e26fc33b7e304f26d5bde

Request headers

Referer: https://use.typekit.net/vfi2kwh.css
Origin: https://www.shenyun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
server: nginx
etag: "ed0e03fd6b21693a57b4e87d51911b610a82d62d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 46512

GET
H2 200 l
use.typekit.net/af/e117fb/00000000000000007735a062/30/ 25 KB
25 KB 190ms
95ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/e117fb/00000000000000007735a062/30/l?primer=c9e3d14e497143dc5d9f280a9dc09e2fae4985134156b11dbce2eed03bb7e46d&fvd=i3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vfi2kwh.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2238ada923d9dabc5cddc9a46525098dece7a567bd944cee9a712c4e77158f15

Request headers

Referer: https://use.typekit.net/vfi2kwh.css
Origin: https://www.shenyun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
server: nginx
etag: "54cd02c30c35edaf61c41be17b9d1fd5e662cd14"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25448

GET
H2 200 l
use.typekit.net/af/066173/00000000000000007735a05f/30/ 27 KB
27 KB 200ms
104ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/066173/00000000000000007735a05f/30/l?primer=c9e3d14e497143dc5d9f280a9dc09e2fae4985134156b11dbce2eed03bb7e46d&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vfi2kwh.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 12efc564f08026d8b6fe50e440d7454c0fae496c23e06d72f39fbdcc87f13d53

Request headers

Referer: https://use.typekit.net/vfi2kwh.css
Origin: https://www.shenyun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
server: nginx
etag: "20f111329a8512c092357d7cf5ef496d7edb1d81"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 27452

GET
H2 200 l
use.typekit.net/af/78aca8/00000000000000007735e60d/30/ 44 KB
44 KB 127ms
32ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/78aca8/00000000000000007735e60d/30/l?primer=071f3017b92606d48b2a974b8c0eb8191609f944685db47de8c59ac12a5b4abe&fvd=n6&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vfi2kwh.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 459d8937828f77f7401e750ebe9c4ed389524a225cd80372f22122d6a6fbb102

Request headers

Referer: https://use.typekit.net/vfi2kwh.css
Origin: https://www.shenyun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
server: nginx
etag: "a5128bbcc0889918a92a00704ed6e086ebf91beb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44620

GET
H2 200 l
use.typekit.net/af/23e139/00000000000000007735e605/30/ 44 KB
44 KB 110ms
108ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/23e139/00000000000000007735e605/30/l?primer=071f3017b92606d48b2a974b8c0eb8191609f944685db47de8c59ac12a5b4abe&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vfi2kwh.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8c88ebfecbc749d20a82f93e48f65a2589465eedfbaea2a6313f4ce553b641ec

Request headers

Referer: https://use.typekit.net/vfi2kwh.css
Origin: https://www.shenyun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
server: nginx
etag: "2d3b99bcc610c7c99e4f8b091c2eeb4e11d00295"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 45012

GET
H2 204 0
bat.bing.com/action/ 0
287 B 48ms
48ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5066372&tm=gtm002&Ver=2&mid=8fa37a3b-7228-4c57-bbca-1e15dc288a08&sid=896805b0a06811ed860ccfc02e8836d6&vid=89682320a06811edaa9af5a5b524b759&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Shen%20Yun%202023%20in%20LA&kw=Shen%20Yun,%20Shenyun,%20Shen,%20Yun,%20Shenyun%20Performing%20Arts,%20Performing%20Arts,%20%0APerforming,%20Arts,%20Chinese%20dance%20show%20tickets,%20Chinese%20New%20Year%20Spectacular,%20%0AChinese%20Spectacular,%20Chinese%20New%20Year%20Splendor,%20Symphony%20Orchestra,%20Chinese%20%0AMusic,%20erhu,%20pipa&p=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&r=&lt=1473&evt=pageLoad&sv=1&rn=150608

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Jan 2023 06:37:16 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9942B3E3798C4359B0788D643C3CD618 Ref B: DUS30EDGE0715 Ref C: 2023-01-30T06:37:16Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK __t2.js Show response
tracking.ticketingbox.com/ 7 KB
3 KB 337ms
102ms Script
application/javascript 216.158.231.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.ticketingbox.com/__t2.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VWGVS
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.158.231.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 58ab7caca0f57a1c76770c34ede88778d05c2eb9eb7649f51e0208859f0089bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:37:16 GMT
Content-Encoding: gzip
Last-Modified: Sat, 06 Aug 2022 15:29:08 GMT
Server: Apache/2.4.41 (Ubuntu)
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2825

GET
H2 200 280.3366f90a.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 113 KB
40 KB 136ms
133ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/280.3366f90a.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: fe5c1e4c577a049ae4761a659bf406b927eea882c67fafcbfecab2ae8824f7ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:19 GMT
content-length: 41000
content-type: application/javascript; charset=utf-8

GET
H2 200 874.d6b0cc02.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 11 KB
4 KB 144ms
141ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/874.d6b0cc02.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 3a9aa1c36e7c872e3a9c6eed9453aab3ca6c2eed582fa52a56f5b568bb4a2d00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:53 GMT
content-length: 3832
content-type: application/javascript; charset=utf-8

GET
H2 200 693.947407fd.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 67 KB
26 KB 145ms
142ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/693.947407fd.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 3dedcd56b794ea1ede7242c15fcb74e932736fae8a06a4c444e9ae8cb0f1a3e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:53 GMT
content-length: 26711
content-type: application/javascript; charset=utf-8

GET
H2 200 292.29eed712.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 5 KB
2 KB 145ms
144ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/292.29eed712.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e65a64867673d4961486e1e1ceaad75e3715f69d47cb23b7c02fd2a053593075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:53 GMT
content-length: 1641
content-type: application/javascript; charset=utf-8

GET
H2 200 221.a0d196c7.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 32 KB
12 KB 146ms
145ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/221.a0d196c7.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5406bdd111ecece4082b8349f38b5f03628b109b153474f6de227eb7ec3984c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:53 GMT
content-length: 12024
content-type: application/javascript; charset=utf-8

GET
H2 200 icons.4ddffdf406bbeaca2efa89bd4695bec4.svg
www.shenyun.com/build-dist/cp2023/static/media/ 57 KB
19 KB 155ms
154ms Other
image/svg+xml 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/media/icons.4ddffdf406bbeaca2efa89bd4695bec4.svg
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: d108062088b09e99ca73674e628b2431acaeb8f19c33f8552512371a2c02879d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:27:25 GMT
content-length: 19858
content-type: image/svg+xml

GET
H2 200 get-api Show response
www.shenyun.com/api-home/ 4 KB
2 KB 135ms
135ms XHR
text/html 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/api-home/get-api
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3672bd39c5da36fa82014c9ffe75833ac6a2ee7049ac635ccc84d9687715b6a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 06:30:38 GMT
content-length: 1626
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame 7E65 6 KB
7 KB 119ms
119ms Document
text/html 52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=fRvcdKEPRcCUWWg54r5-wg&dmt=3&ex-pl-n-g-hmt=CqsqhWH8Qda4DDfRGsrh5g&ep=ttam_T219Ay-cPciHbT10g8ziWaa65mjXUdp-0zi8d2X7yblAPiSJq8WMkUiCQ-34H92nQQWtJmg9H6t95VznmH59tN9doGsE0uXQvkP9As8S_Fa1rQcQ2fWDDq9wTw-mvYJIM3qhXk-DzL9pCoOswgEC-OKxz6fjgmU4SJ806zJIXxx_zBdYpakq-rEBaqZqtQv5rhGaWKP6_VENXi0IyyFBPfvNUBb1SD40QEY6duOmjg4-6Y6XCWAF1Gw0ipyjObZbE-AecyO9ixvbU-N0tYBZy3-ZQv2O7Yz-jF13XB9GPwCvWTfu7k0-QZhbgHVWDip4Ft9FRQXt3Y7Z__wWevhbrd1P7w3DuJsqotykhQpdhKpxft8j2r7F9hOPldaDhftKLYIWCRye9XsL4KLxc8WPkdfmg-Bk51G61XGiezHlcH3EnNA070W9KpqLVEgWBlDAdbFI8wRMczCLW1aECs7pleSsno8Z5EvQrXrkxAejP_LMQYIHgj6zlO5me1Mz8EfyIAP9-4p-lstd1eeWBXPIOINZu9cmfa7xvsaV04qO7geMU_vfq7A1vGwCxCGmPj7wbYxRqxg0PdgpOK3ypNhmbekzL1Br2NbhXW8JhA

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D10529260-f674-acd3-88c0-cae47253132e%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.shenyun.com&ex-hargs=v%3D1.0%3Bc%3D5067583900501%3Bp%3D10529260-F674-ACD3-88C0-CAE47253132E&cb=711828890855725600&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c1739cf065d29f5637c0f86c6ab2b8eac060ef89e37aeeaa025631ec31498766

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?d=generic&ex-fargs=%3Fid%3D10529260-f674-acd3-88c0-cae47253132e%26type%3DUNKNOWN%26m%3D1&ex-fch=416613&ex-src=https://www.shenyun.com&ex-hargs=v%3D1.0%3Bc%3D5067583900501%3Bp%3D10529260-F674-ACD3-88C0-CAE47253132E&cb=711828890855725600&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 6281
Content-Type: text/html;charset=ISO-8859-1
Date: Mon, 30 Jan 2023 06:37:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: 9Z1CS7NWZJ7HTJZSDJ16

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/xrrgolm/4f0vw3u/ Frame 3F59
Redirect Chain

https://insight.adsrvr.org/tags/xrrgolm/4f0vw3u/iframe
https://d1eoo1tco6rr5e.cloudfront.net/xrrgolm/4f0vw3u/iframe

138 B
667 B

108ms
29ms

Document
text/html

18.65.33.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/xrrgolm/4f0vw3u/iframe
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/17496/code/8c9e7a1b8d89b27632985ffb20f63025.js?conditionId0=4944426&conditionId1=4944425
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.33.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-33-149.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 912998fe1c42d957297c9b874fafa350122e4aed81511d7246e18174fe1d10d3

Request headers

Referer: https://www.shenyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 81677
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Sun, 29 Jan 2023 07:56:00 GMT
ETag: "a7e87f0416e5ac34bd8d55a24b6bf30c"
Last-Modified: Wed, 07 Dec 2022 19:36:58 GMT
Server: AmazonS3
Via: 1.1 acee7e60faaea7b7699fe033930a0164.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 6lYgs9ftEzyqB69jQkba9wl2hxtAB3sbFnwbw7BAdF50lOHwc9-CZg==
X-Amz-Cf-Pop: AMS1-P1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Mon, 30 Jan 2023 06:37:16 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/xrrgolm/4f0vw3u/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://ib.adnxs.com/setuid/a9?entity=188&code=X9NDcLNeQS-EBprR7OUFCg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DxandrHMT%26id%3D%24UID
https://ib.adnxs.com/bounce?%2Fsetuid%2Fa9%3Fentity%3D188%26code%3DX9NDcLNeQS-EBprR7OUFCg%26redir%3Dhttps%253A%252F%252Fs.amazon-adsystem.com%252Fecm3%253Fex%253DxandrHMT%2526id%253D%2524UID
https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=X9NDcLNeQS-EBprR7OUFCg

43 B
479 B

224ms
117ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=X9NDcLNeQS-EBprR7OUFCg

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=fRvcdKEPRcCUWWg54r5-wg&dmt=3&ex-pl-n-g-hmt=CqsqhWH8Qda4DDfRGsrh5g&ep=ttam_T219Ay-cPciHbT10g8ziWaa65mjXUdp-0zi8d2X7yblAPiSJq8WMkUiCQ-34H92nQQWtJmg9H6t95VznmH59tN9doGsE0uXQvkP9As8S_Fa1rQcQ2fWDDq9wTw-mvYJIM3qhXk-DzL9pCoOswgEC-OKxz6fjgmU4SJ806zJIXxx_zBdYpakq-rEBaqZqtQv5rhGaWKP6_VENXi0IyyFBPfvNUBb1SD40QEY6duOmjg4-6Y6XCWAF1Gw0ipyjObZbE-AecyO9ixvbU-N0tYBZy3-ZQv2O7Yz-jF13XB9GPwCvWTfu7k0-QZhbgHVWDip4Ft9FRQXt3Y7Z__wWevhbrd1P7w3DuJsqotykhQpdhKpxft8j2r7F9hOPldaDhftKLYIWCRye9XsL4KLxc8WPkdfmg-Bk51G61XGiezHlcH3EnNA070W9KpqLVEgWBlDAdbFI8wRMczCLW1aECs7pleSsno8Z5EvQrXrkxAejP_LMQYIHgj6zlO5me1Mz8EfyIAP9-4p-lstd1eeWBXPIOINZu9cmfa7xvsaV04qO7geMU_vfq7A1vGwCxCGmPj7wbYxRqxg0PdgpOK3ypNhmbekzL1Br2NbhXW8JhA

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 8BYE2MDRJCN4SKKHMKFT
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 30 Jan 2023 06:37:16 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: bf88dc4d-5f3c-4d23-a613-c657f5b42aef
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=xandrHMT&id=X9NDcLNeQS-EBprR7OUFCg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 7E65 43 B
163 B 164ms
31ms Image
image/gif 185.86.139.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=144&partneruserid=Ul30a1w7RPe3N5iD7lySiQ&redirurl=https://s.amazon-adsystem.com/ecm3?ex=equativHMT%26id%3D%26sspid%3DSMART_USER_ID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=fRvcdKEPRcCUWWg54r5-wg&dmt=3&ex-pl-n-g-hmt=CqsqhWH8Qda4DDfRGsrh5g&ep=ttam_T219Ay-cPciHbT10g8ziWaa65mjXUdp-0zi8d2X7yblAPiSJq8WMkUiCQ-34H92nQQWtJmg9H6t95VznmH59tN9doGsE0uXQvkP9As8S_Fa1rQcQ2fWDDq9wTw-mvYJIM3qhXk-DzL9pCoOswgEC-OKxz6fjgmU4SJ806zJIXxx_zBdYpakq-rEBaqZqtQv5rhGaWKP6_VENXi0IyyFBPfvNUBb1SD40QEY6duOmjg4-6Y6XCWAF1Gw0ipyjObZbE-AecyO9ixvbU-N0tYBZy3-ZQv2O7Yz-jF13XB9GPwCvWTfu7k0-QZhbgHVWDip4Ft9FRQXt3Y7Z__wWevhbrd1P7w3DuJsqotykhQpdhKpxft8j2r7F9hOPldaDhftKLYIWCRye9XsL4KLxc8WPkdfmg-Bk51G61XGiezHlcH3EnNA070W9KpqLVEgWBlDAdbFI8wRMczCLW1aECs7pleSsno8Z5EvQrXrkxAejP_LMQYIHgj6zlO5me1Mz8EfyIAP9-4p-lstd1eeWBXPIOINZu9cmfa7xvsaV04qO7geMU_vfq7A1vGwCxCGmPj7wbYxRqxg0PdgpOK3ypNhmbekzL1Br2NbhXW8JhA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:15 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212284268
https://s.amazon-adsystem.com/ecm3?id=216423104412000516620&ex=neustar.biz

43 B
479 B

314ms
119ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=216423104412000516620&ex=neustar.biz

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6QEWT7Y6MK6YR0GY5W15
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:16 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://s.amazon-adsystem.com/ecm3?id=216423104412000516620&ex=neustar.biz
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=198&external_user_id=n-qTzPPCQbexplxyQwOG9w&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DindexHMT%26id%3D&cm_dsp_id=198&external_user_id=n-qTzPPCQbexplxyQwOG9w&C=1
https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y9dlnFh0yM1n1fpSV.ODSwAA

43 B
479 B

198ms
112ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y9dlnFh0yM1n1fpSV.ODSwAA

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MR5G0PEVW4Q2DJMKS13S
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:16 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://s.amazon-adsystem.com/ecm3?ex=indexHMT&id=Y9dlnFh0yM1n1fpSV.ODSwAA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://x.bidswitch.net/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://x.bidswitch.net/ul_cb/sync_a9/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbidswitch.com%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=488cdc79f6c7d4951de15155b4940574

43 B
479 B

209ms
116ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=488cdc79f6c7d4951de15155b4940574

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 7T521M1K82R4BY0C4MTD
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bidswitch.com&id=488cdc79f6c7d4951de15155b4940574
date: Mon, 30 Jan 2023 06:37:16 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://tags.bluekai.com/site/36840?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dbluekai.com%26id%3D%24_BK_UUID
https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

43 B
479 B

222ms
123ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5B26ZAH681NW4J26YBPR
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=bluekai.com&id=$_BK_UUID
date: Mon, 30 Jan 2023 06:37:16 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Kv1HmJy7TgSHXh0QBj-KRw
https://ups.analytics.yahoo.com/ups/58516/sync?_origin=1&redir=true&uid=Kv1HmJy7TgSHXh0QBj-KRw&verify=true
https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Kv1HmJy7TgSHXh0QBj-KRw

43 B
479 B

111ms
110ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Kv1HmJy7TgSHXh0QBj-KRw

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SSEPB787R89MHC8P2CDX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=yahooHMT&id=Kv1HmJy7TgSHXh0QBj-KRw
date: Mon, 30 Jan 2023 06:37:16 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://t.myvisualiq.net/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://t.myvisualiq.net/ul_cb/sync?prid=AMZNPNR1&ao=0&red=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dvisualiq%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=02f86af4-bd3b-456c-a7d4-f386de3a9e59

43 B
479 B

128ms
118ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=02f86af4-bd3b-456c-a7d4-f386de3a9e59

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SCC1BVEN9Q685D0XXZM1
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

access-control-allow-origin: *
Location: https://s.amazon-adsystem.com/ecm3?ex=visualiq&id=02f86af4-bd3b-456c-a7d4-f386de3a9e59
Date: Mon, 30 Jan 2023 06:37:16 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
amazon.partners.tremorhub.com/ Frame 7E65 43 B
183 B 662ms
113ms Image
image/gif 2600:1f18:612b:4232:851e:f269:97b5:da7b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amazon.partners.tremorhub.com/sync?UIAM&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dtelaria.com%26id%3D%5BPARTNER_ID%5D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=fRvcdKEPRcCUWWg54r5-wg&dmt=3&ex-pl-n-g-hmt=CqsqhWH8Qda4DDfRGsrh5g&ep=ttam_T219Ay-cPciHbT10g8ziWaa65mjXUdp-0zi8d2X7yblAPiSJq8WMkUiCQ-34H92nQQWtJmg9H6t95VznmH59tN9doGsE0uXQvkP9As8S_Fa1rQcQ2fWDDq9wTw-mvYJIM3qhXk-DzL9pCoOswgEC-OKxz6fjgmU4SJ806zJIXxx_zBdYpakq-rEBaqZqtQv5rhGaWKP6_VENXi0IyyFBPfvNUBb1SD40QEY6duOmjg4-6Y6XCWAF1Gw0ipyjObZbE-AecyO9ixvbU-N0tYBZy3-ZQv2O7Yz-jF13XB9GPwCvWTfu7k0-QZhbgHVWDip4Ft9FRQXt3Y7Z__wWevhbrd1P7w3DuJsqotykhQpdhKpxft8j2r7F9hOPldaDhftKLYIWCRye9XsL4KLxc8WPkdfmg-Bk51G61XGiezHlcH3EnNA070W9KpqLVEgWBlDAdbFI8wRMczCLW1aECs7pleSsno8Z5EvQrXrkxAejP_LMQYIHgj6zlO5me1Mz8EfyIAP9-4p-lstd1eeWBXPIOINZu9cmfa7xvsaV04qO7geMU_vfq7A1vGwCxCGmPj7wbYxRqxg0PdgpOK3ypNhmbekzL1Br2NbhXW8JhA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:851e:f269:97b5:da7b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Mon, 30 Jan 2023 06:37:16 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 204 cms
cms.analytics.yahoo.com/ Frame 7E65 0
123 B 171ms
50ms Image
text/html 212.82.100.182
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.analytics.yahoo.com/cms?partner_id=AMAZON&ex=gemini

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spcms.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0109.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545
https://s.amazon-adsystem.com/ecm3?id=b45fa1ca8ec3439c969df0a9d56bd8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

43 B
479 B

112ms
112ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=b45fa1ca8ec3439c969df0a9d56bd8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: C2YZR3G7DGC43DG33C86
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=b45fa1ca8ec3439c969df0a9d56bd8&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1675060636977007-505
Expires: Mon, 30 Jan 2023 06:37:17 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://www.imdb.com/ads/idsync?cid=a706a6beb&ex=imdb.com
https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

43 B
479 B

181ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:16 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Z80N3WKBS7DBZPSQMPKQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 30 Jan 2023 06:37:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
content-security-policy-report-only: default-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com; script-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline' 'unsafe-eval'; style-src https://*.amazon.com https://*.media-amazon.com https://*.ssl-images-amazon.com https://*.amazon-adsystem.com 'unsafe-inline'; report-uri /1/batch/2/OE/mid=ATVPDKIKX0DER:sid=:rid=PNV62JHQMC8JH9Z77R19:sn=www.imdb.com
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 1; mode=block
server: Server
x-amz-rid: PNV62JHQMC8JH9Z77R19
x-frame-options: SAMEORIGIN
vary: Content-Type,Accept-Encoding,User-Agent
location: https://s.amazon-adsystem.com/ecm3?rcode=1&ex=imdb.com
x-robots-tag: noindex, nofollow
x-amz-cf-id: sNwCOtbg3nlQO8BDB46UNBQU2xQ4wz6ViJdL5rNPTGYvxjiHFOip4Q==

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 7E65 0
338 B 360ms
46ms Image
text/plain 34.248.136.204
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=amzn&partner_uid=fRvcdKEPRcCUWWg54r5-wg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dkrux.com%26id%3D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=fRvcdKEPRcCUWWg54r5-wg&dmt=3&ex-pl-n-g-hmt=CqsqhWH8Qda4DDfRGsrh5g&ep=ttam_T219Ay-cPciHbT10g8ziWaa65mjXUdp-0zi8d2X7yblAPiSJq8WMkUiCQ-34H92nQQWtJmg9H6t95VznmH59tN9doGsE0uXQvkP9As8S_Fa1rQcQ2fWDDq9wTw-mvYJIM3qhXk-DzL9pCoOswgEC-OKxz6fjgmU4SJ806zJIXxx_zBdYpakq-rEBaqZqtQv5rhGaWKP6_VENXi0IyyFBPfvNUBb1SD40QEY6duOmjg4-6Y6XCWAF1Gw0ipyjObZbE-AecyO9ixvbU-N0tYBZy3-ZQv2O7Yz-jF13XB9GPwCvWTfu7k0-QZhbgHVWDip4Ft9FRQXt3Y7Z__wWevhbrd1P7w3DuJsqotykhQpdhKpxft8j2r7F9hOPldaDhftKLYIWCRye9XsL4KLxc8WPkdfmg-Bk51G61XGiezHlcH3EnNA070W9KpqLVEgWBlDAdbFI8wRMczCLW1aECs7pleSsno8Z5EvQrXrkxAejP_LMQYIHgj6zlO5me1Mz8EfyIAP9-4p-lstd1eeWBXPIOINZu9cmfa7xvsaV04qO7geMU_vfq7A1vGwCxCGmPj7wbYxRqxg0PdgpOK3ypNhmbekzL1Br2NbhXW8JhA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.136.204 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-136-204.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by: beacon-n013-dub-prod.krxd.net
date: Mon, 30 Jan 2023 06:37:16 GMT
cache-control: private, no-cache, no-store
x-request-time: D=47 t=1675060636
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://match.360yield.com/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://match.360yield.com/ul_cb/match?publisher_dsp_id=416&external_user_id=ABCD&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%7BPUB_USER_ID%7D%26ex%3Dimprovedigital.com
https://s.amazon-adsystem.com/ecm3?id=10b96219-5cb2-4ae1-8902-562547acaa2d&ex=improvedigital.com

43 B
479 B

114ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=10b96219-5cb2-4ae1-8902-562547acaa2d&ex=improvedigital.com

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: R2EY1NR5VZF9RED62Z2P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?id=10b96219-5cb2-4ae1-8902-562547acaa2d&ex=improvedigital.com
access-control-allow-origin: *
date: Mon, 30 Jan 2023 06:37:17 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 200
OK pixel.gif
usersync.samplicio.us/amazon/ Frame 7E65 0
263 B 467ms
111ms Image
text/plain 50.19.231.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usersync.samplicio.us/amazon/pixel.gif?https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=fRvcdKEPRcCUWWg54r5-wg&dmt=3&ex-pl-n-g-hmt=CqsqhWH8Qda4DDfRGsrh5g&ep=ttam_T219Ay-cPciHbT10g8ziWaa65mjXUdp-0zi8d2X7yblAPiSJq8WMkUiCQ-34H92nQQWtJmg9H6t95VznmH59tN9doGsE0uXQvkP9As8S_Fa1rQcQ2fWDDq9wTw-mvYJIM3qhXk-DzL9pCoOswgEC-OKxz6fjgmU4SJ806zJIXxx_zBdYpakq-rEBaqZqtQv5rhGaWKP6_VENXi0IyyFBPfvNUBb1SD40QEY6duOmjg4-6Y6XCWAF1Gw0ipyjObZbE-AecyO9ixvbU-N0tYBZy3-ZQv2O7Yz-jF13XB9GPwCvWTfu7k0-QZhbgHVWDip4Ft9FRQXt3Y7Z__wWevhbrd1P7w3DuJsqotykhQpdhKpxft8j2r7F9hOPldaDhftKLYIWCRye9XsL4KLxc8WPkdfmg-Bk51G61XGiezHlcH3EnNA070W9KpqLVEgWBlDAdbFI8wRMczCLW1aECs7pleSsno8Z5EvQrXrkxAejP_LMQYIHgj6zlO5me1Mz8EfyIAP9-4p-lstd1eeWBXPIOINZu9cmfa7xvsaV04qO7geMU_vfq7A1vGwCxCGmPj7wbYxRqxg0PdgpOK3ypNhmbekzL1Br2NbhXW8JhA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.19.231.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-19-231-193.compute-1.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Server: nginx/1.20.0
Location: https://s.amazon-adsystem.com/ecm3?ex=luc.id&id=
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://ads.samba.tv/cookie_sync?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsamba.tv%26id%3D
https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10ad92da71a90ba2d

43 B
479 B

117ms
117ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10ad92da71a90ba2d

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: BSE9V000M659EBQ4GWKS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Mon, 30 Jan 2023 06:37:17 GMT
content-security-policy: default-src 'self'
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN
access-control-allow-methods: HEAD,OPTIONS,GET
content-type: text/html; charset=utf-8
location: https://s.amazon-adsystem.com/ecm3?ex=samba.tv&id=10ad92da71a90ba2d
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
content-length: 94

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=KS_PkLM-TkuZ76IWsnXU_Q&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KS_PkLM-TkuZ76IWsnXU_Q

43 B
479 B

112ms
112ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KS_PkLM-TkuZ76IWsnXU_Q

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HHGWTB6FQW92J9P76HNV
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=KS_PkLM-TkuZ76IWsnXU_Q
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 402fba8a82f093def2459220061c8d31
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://ads.stickyadstv.com/user-registering?dataProviderId=961&userId=MRjZ5xqYTMGVA-5tJ4NVlQ&redirectId=2545
https://s.amazon-adsystem.com/ecm3?id=32bcea7a24d994d15650fa745b896ee6&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=MRjZ5xqYTMGVA-5tJ4NVlQ

43 B
479 B

122ms
120ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=32bcea7a24d994d15650fa745b896ee6&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=MRjZ5xqYTMGVA-5tJ4NVlQ

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: WVE8HGPR92TMH7GK0VAS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=32bcea7a24d994d15650fa745b896ee6&ex=freewheel.tv&gdpr={gdpr}&gdpr_consent={gdpr_consent}&userId=MRjZ5xqYTMGVA-5tJ4NVlQ
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1675060637005092-423
Expires: Mon, 30 Jan 2023 06:37:17 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://dpm.demdex.net/ibs:dpid=139200&dpuuid=7LIMbcI-TFqlpZ1U5FyQfw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=139200&dpuuid=7LIMbcI-TFqlpZ1U5FyQfw&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=90887214294766903914596206954565444887

43 B
479 B

113ms
112ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=90887214294766903914596206954565444887

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XKYP13MSY81V5C8P03WA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS: dcs-prod-irl1-1-v045-03c381005.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 63WsbDnNRt8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=90887214294766903914596206954565444887
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://odr.mookie1.com/t/v2?tagid=V2_393725&AMAZON_REGION_SPECIFIC_ENDPOINT=s.amazon-adsystem.com&src.visitorID=sZuxq4uZRfux3_lXLFYb2w
https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812650126470625724&gdpr=&gdpr_consent=

43 B
479 B

116ms
114ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812650126470625724&gdpr=&gdpr_consent=

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: DS6NT2AVS49NT8WJRQY3
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:17 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location: https://s.amazon-adsystem.com/ecm3?ex=mplatform.com&id=10812650126470625724&gdpr=&gdpr_consent=
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://c1.adform.net/serving/cookie/match?CC=1&party=1153&redirect_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadform.net%26id%3D%24%7BUUID%7D
https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=1347644232904364128

43 B
479 B

115ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=1347644232904364128

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: HDSRT7Q7Z21BDAZVMMMW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://s.amazon-adsystem.com/ecm3?ex=adform.net&id=1347644232904364128
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7922&redir=https://s.amazon-adsystem.com/ecm3?ex%3Dspotx.com%26id%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=8a06e6ab-a068-11ed-9a03-11e121d60406
https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=8a06e653-a068-11ed-9a03-11e121d60406

43 B
479 B

121ms
119ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=8a06e653-a068-11ed-9a03-11e121d60406

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5FKPYRQY4Q0ZJJZH3CMH
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 30 Jan 2023 06:37:17 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://s.amazon-adsystem.com/ecm3?ex=spotx.com&id=8a06e653-a068-11ed-9a03-11e121d60406
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 21
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://bs.serving-sys.com/Serving?cn=cs&rtu=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsizmek%26id%3D%5B%25tp_UserID%25%5D
https://lm.serving-sys.com/lm/acs?json={%22GUID%22:%22ce887b13-ba18-4e67-96ba-1c51b9bf5dec%22,%22Time%22:%2220230130T063717.247667%22}&rtu=https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=[%tp_UserID%]
https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=ce887b13-ba18-4e67-96ba-1c51b9bf5dec

43 B
479 B

112ms
111ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=ce887b13-ba18-4e67-96ba-1c51b9bf5dec

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 741Z0NMJA3S28F0RN0XC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=sizmek&id=ce887b13-ba18-4e67-96ba-1c51b9bf5dec
Server: LogModule 0.6
Content-Length: 204
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_cm&ex=doubleclick.net
https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEERDwUN8spWMeljeD3EC2L0&google_cver=1

43 B
479 B

117ms
116ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEERDwUN8spWMeljeD3EC2L0&google_cver=1

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: NMMATE037KY15E2X0Z2M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=doubleclick.net&google_gid=CAESEERDwUN8spWMeljeD3EC2L0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 400 v2
usermatch.krxd.net/um/ Frame 7E65 20 B
20 B 370ms
114ms Image
text/plain 35.170.45.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usermatch.krxd.net/um/v2?partner=amzn
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=fRvcdKEPRcCUWWg54r5-wg&dmt=3&ex-pl-n-g-hmt=CqsqhWH8Qda4DDfRGsrh5g&ep=ttam_T219Ay-cPciHbT10g8ziWaa65mjXUdp-0zi8d2X7yblAPiSJq8WMkUiCQ-34H92nQQWtJmg9H6t95VznmH59tN9doGsE0uXQvkP9As8S_Fa1rQcQ2fWDDq9wTw-mvYJIM3qhXk-DzL9pCoOswgEC-OKxz6fjgmU4SJ806zJIXxx_zBdYpakq-rEBaqZqtQv5rhGaWKP6_VENXi0IyyFBPfvNUBb1SD40QEY6duOmjg4-6Y6XCWAF1Gw0ipyjObZbE-AecyO9ixvbU-N0tYBZy3-ZQv2O7Yz-jF13XB9GPwCvWTfu7k0-QZhbgHVWDip4Ft9FRQXt3Y7Z__wWevhbrd1P7w3DuJsqotykhQpdhKpxft8j2r7F9hOPldaDhftKLYIWCRye9XsL4KLxc8WPkdfmg-Bk51G61XGiezHlcH3EnNA070W9KpqLVEgWBlDAdbFI8wRMczCLW1aECs7pleSsno8Z5EvQrXrkxAejP_LMQYIHgj6zlO5me1Mz8EfyIAP9-4p-lstd1eeWBXPIOINZu9cmfa7xvsaV04qO7geMU_vfq7A1vGwCxCGmPj7wbYxRqxg0PdgpOK3ypNhmbekzL1Br2NbhXW8JhA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.45.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-45-72.compute-1.amazonaws.com
Software: /
Resource Hash: 3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-served-by: usermatch-a021-ash-prod.krxd.net
date: Mon, 30 Jan 2023 06:37:17 GMT
content-type: text/plain; charset=utf-8
x-age: 0
content-length: 20
x-cache: MISS
x-cache-hits: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://sb.scorecardresearch.com/p?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://sb.scorecardresearch.com/p2?c1=9&c2=27552257&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcomscore.com%26id%3D%25AX_UUID%25
https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=71dcae6ef3ded75ff7537bbdcfc8a6f0

43 B
479 B

115ms
115ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=71dcae6ef3ded75ff7537bbdcfc8a6f0

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: SXMQES11Y3238RPXWJ4F
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=comscore.com&id=71dcae6ef3ded75ff7537bbdcfc8a6f0
date: Mon, 30 Jan 2023 06:37:17 GMT
via: 1.1 d01ad8df731d3f120823f9e20df55146.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-length: 0
x-amz-cf-id: -NV0pOIEjjNaEVRUlHmkPvtluFdULniWeFMlwxw-Cf_mTS6ZGDFwOA==
x-cache: Miss from cloudfront

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 7E65 43 B
304 B 134ms
50ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=fRvcdKEPRcCUWWg54r5-wg&dmt=3&ex-pl-n-g-hmt=CqsqhWH8Qda4DDfRGsrh5g&ep=ttam_T219Ay-cPciHbT10g8ziWaa65mjXUdp-0zi8d2X7yblAPiSJq8WMkUiCQ-34H92nQQWtJmg9H6t95VznmH59tN9doGsE0uXQvkP9As8S_Fa1rQcQ2fWDDq9wTw-mvYJIM3qhXk-DzL9pCoOswgEC-OKxz6fjgmU4SJ806zJIXxx_zBdYpakq-rEBaqZqtQv5rhGaWKP6_VENXi0IyyFBPfvNUBb1SD40QEY6duOmjg4-6Y6XCWAF1Gw0ipyjObZbE-AecyO9ixvbU-N0tYBZy3-ZQv2O7Yz-jF13XB9GPwCvWTfu7k0-QZhbgHVWDip4Ft9FRQXt3Y7Z__wWevhbrd1P7w3DuJsqotykhQpdhKpxft8j2r7F9hOPldaDhftKLYIWCRye9XsL4KLxc8WPkdfmg-Bk51G61XGiezHlcH3EnNA070W9KpqLVEgWBlDAdbFI8wRMczCLW1aECs7pleSsno8Z5EvQrXrkxAejP_LMQYIHgj6zlO5me1Mz8EfyIAP9-4p-lstd1eeWBXPIOINZu9cmfa7xvsaV04qO7geMU_vfq7A1vGwCxCGmPj7wbYxRqxg0PdgpOK3ypNhmbekzL1Br2NbhXW8JhA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:17 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184155&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex%26id%3D__UID__
https://s.amazon-adsystem.com/ecm3?ex=index&id=KoVSrAhAgrUXh7lmLobtfjc4ZGE4ZgAC

43 B
479 B

117ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=index&id=KoVSrAhAgrUXh7lmLobtfjc4ZGE4ZgAC

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5BKHHY6AYHD4FW8FHM5V
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FU2rbBrziplSsGtO0DpaFu%2Ffwc4kO83iXktwT%2Fs5PteVL48rtTVtlc5hmdkf2ffMNi%2BCnC9CYPl8Zf%2F0Yzo3D4jT%2BFGvjaojQhwF%2FqcJ%2FFtq9QWqBt%2Bh5Nt7%2BjhpGX9yKjswUG3pj8iV1A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://s.amazon-adsystem.com/ecm3?ex=index&id=KoVSrAhAgrUXh7lmLobtfjc4ZGE4ZgAC
cache-control: no-cache
cf-ray: 791832b78d159bb8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 xuid
eb2.3lift.com/ Frame 7E65 37 B
140 B 107ms
25ms Image
image/gif 76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=8341&xuid=i_cegbwcTuihzks0PL5IDw&dongle=az46&rdir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DtripleliftHMT%26id%3D%24UID
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=fRvcdKEPRcCUWWg54r5-wg&dmt=3&ex-pl-n-g-hmt=CqsqhWH8Qda4DDfRGsrh5g&ep=ttam_T219Ay-cPciHbT10g8ziWaa65mjXUdp-0zi8d2X7yblAPiSJq8WMkUiCQ-34H92nQQWtJmg9H6t95VznmH59tN9doGsE0uXQvkP9As8S_Fa1rQcQ2fWDDq9wTw-mvYJIM3qhXk-DzL9pCoOswgEC-OKxz6fjgmU4SJ806zJIXxx_zBdYpakq-rEBaqZqtQv5rhGaWKP6_VENXi0IyyFBPfvNUBb1SD40QEY6duOmjg4-6Y6XCWAF1Gw0ipyjObZbE-AecyO9ixvbU-N0tYBZy3-ZQv2O7Yz-jF13XB9GPwCvWTfu7k0-QZhbgHVWDip4Ft9FRQXt3Y7Z__wWevhbrd1P7w3DuJsqotykhQpdhKpxft8j2r7F9hOPldaDhftKLYIWCRye9XsL4KLxc8WPkdfmg-Bk51G61XGiezHlcH3EnNA070W9KpqLVEgWBlDAdbFI8wRMczCLW1aECs7pleSsno8Z5EvQrXrkxAejP_LMQYIHgj6zlO5me1Mz8EfyIAP9-4p-lstd1eeWBXPIOINZu9cmfa7xvsaV04qO7geMU_vfq7A1vGwCxCGmPj7wbYxRqxg0PdgpOK3ypNhmbekzL1Br2NbhXW8JhA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:17 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://uipglob.semasio.net/amazon/1/get?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://uipglob.semasio.net/amazon/1/get2?_url=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsemasio%26id%3D%24%7BUIPID%28%29%7D
https://s.amazon-adsystem.com/ecm3?ex=semasio&id=5A95262879136ED0

43 B
479 B

113ms
112ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=semasio&id=5A95262879136ED0

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1MFAY68GB94B15S87XDY
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:19 GMT
frontend-id: 5
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location: https://s.amazon-adsystem.com/ecm3?ex=semasio&id=5A95262879136ED0
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin: *
content-length: 0
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
https://s.amazon-adsystem.com/ecm3?id=1521403397565078471&ex=appnexus.com

43 B
479 B

121ms
121ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=1521403397565078471&ex=appnexus.com

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: X9D3NHXZ944TYMYWSQJX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 30 Jan 2023 06:37:17 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 217.114.215.131; 217.114.215.131; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a29d1f34-dd40-41b9-8f76-8116cc43c0da
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=1521403397565078471&ex=appnexus.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzgmdGw9MTI5NjAw&piggybackCookie=0TkDW9D0QsCsHAdLd3KkYA&rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DpubmaticHMT%26id%...
https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=0TkDW9D0QsCsHAdLd3KkYA

43 B
479 B

120ms
119ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=0TkDW9D0QsCsHAdLd3KkYA

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 2MF517B17MTJGXYDV4KJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmaticHMT&id=0TkDW9D0QsCsHAdLd3KkYA
date: Mon, 30 Jan 2023 06:37:17 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://token.rubiconproject.com/token?pid=2179&pt=n
https://s.amazon-adsystem.com/ecm3?id=xT7U-rZj-C91HZP2bmUGjsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

43 B
479 B

113ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=xT7U-rZj-C91HZP2bmUGjsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: H49EMT9WFHGJBYKA15KX
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?id=xT7U-rZj-C91HZP2bmUGjsWWwYjZzChgQG1x_JmYjWc&ex=rubiconproject.com&status=ok
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=a9&google_hm=CqsqhWH8Qda4DDfRGsrh5g&
https://s.amazon-adsystem.com/ecm3?ex=googleHMT

43 B
479 B

109ms
108ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=googleHMT

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 1103W53AC688VSAP4BHS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://s.amazon-adsystem.com/ecm3?ex=googleHMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 /
loadus.exelator.com/load/ Frame 7E65 0
324 B 438ms
44ms Image
text/plain 54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=204&g=8888&j=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=fRvcdKEPRcCUWWg54r5-wg&dmt=3&ex-pl-n-g-hmt=CqsqhWH8Qda4DDfRGsrh5g&ep=ttam_T219Ay-cPciHbT10g8ziWaa65mjXUdp-0zi8d2X7yblAPiSJq8WMkUiCQ-34H92nQQWtJmg9H6t95VznmH59tN9doGsE0uXQvkP9As8S_Fa1rQcQ2fWDDq9wTw-mvYJIM3qhXk-DzL9pCoOswgEC-OKxz6fjgmU4SJ806zJIXxx_zBdYpakq-rEBaqZqtQv5rhGaWKP6_VENXi0IyyFBPfvNUBb1SD40QEY6duOmjg4-6Y6XCWAF1Gw0ipyjObZbE-AecyO9ixvbU-N0tYBZy3-ZQv2O7Yz-jF13XB9GPwCvWTfu7k0-QZhbgHVWDip4Ft9FRQXt3Y7Z__wWevhbrd1P7w3DuJsqotykhQpdhKpxft8j2r7F9hOPldaDhftKLYIWCRye9XsL4KLxc8WPkdfmg-Bk51G61XGiezHlcH3EnNA070W9KpqLVEgWBlDAdbFI8wRMczCLW1aECs7pleSsno8Z5EvQrXrkxAejP_LMQYIHgj6zlO5me1Mz8EfyIAP9-4p-lstd1eeWBXPIOINZu9cmfa7xvsaV04qO7geMU_vfq7A1vGwCxCGmPj7wbYxRqxg0PdgpOK3ypNhmbekzL1Br2NbhXW8JhA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:17 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://lciapi.ninthdecimal.com/v1/lci/sync/adv-amzn/c-23445/?rdr=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3F%26ex%3Dninthdecimal.com%26id%3D%24%7BND_UID%7D
https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED689D65D763B904BE8102EA74EA

43 B
479 B

120ms
120ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED689D65D763B904BE8102EA74EA

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4JWPJTQB317T43NSJV0D
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 30 Jan 2023 06:37:17 GMT
Server: openresty/1.15.8.2
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?&ex=ninthdecimal.com&id=6096ED689D65D763B904BE8102EA74EA
Access-Control-Allow-Origin: https://www.homedepot.com
Access-Control-Expose-Headers: User-NDAT
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
P3P: CP="This is not a P3P policy! See http://www.ninthdecimal.com/privacy-policy-terms-of-service for more info."
Connection: keep-alive
Content-Length: 151
Expires: Mon, 30 Jan 2023 06:37:16 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://pi.ispot.tv/v2/TC-3673-1.gif?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dispot.tv%26id%3D%7BISID%7D
https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=243ae733c88081f28505e5c8536fa10d3485c8ffb04909ed947e5475e412b8bf

43 B
479 B

115ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=243ae733c88081f28505e5c8536fa10d3485c8ffb04909ed947e5475e412b8bf

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: Z2N9YGB1V8SB8QJYRMCJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:17 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=ispot.tv&id=243ae733c88081f28505e5c8536fa10d3485c8ffb04909ed947e5475e412b8bf
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
content-length: 0
retry-after: 0
expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID
https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3D%23PM_USER_ID&rdf=1
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=19200001-CEDF-4DEE-B14E-4E6AC6943057

43 B
479 B

113ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=19200001-CEDF-4DEE-B14E-4E6AC6943057

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6EBYG7C2AZB3RHAT434M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=19200001-CEDF-4DEE-B14E-4E6AC6943057
date: Mon, 30 Jan 2023 06:37:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2 204 sd
us-u.openx.net/w/1.0/ Frame 7E65 0
48 B 39ms
38ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072986&val=Xh79Hpq8RPGi3-cTU07miQ&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3DopenxHMT%26id%3D%7BOPENX_RTB_USERID%7D
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-xr-HMT_n-eq-HMT2_ns_n-ix-HMT_bsw_bk_n-y-HMT_n-visualiq_n-telaria_gem_fw_imdb_n-kr-new_n-improvedigital2_n-lucid_n-samba.tv_n-rb-HMT3_n-fw-HMT1_adelphic_adb_mp_af_sx_n-sk_g_kr_n-comscr.com_ox_index_n-tl-HMT_n-semasio-ecm_an_n-pm-HMT_rb_n-g-hmt_nsln_nd_n-ispot_pm_n-ox-hmt_tbl&fv=1.0&a=cm&ex-pl-n-kr-new=fRvcdKEPRcCUWWg54r5-wg&dmt=3&ex-pl-n-g-hmt=CqsqhWH8Qda4DDfRGsrh5g&ep=ttam_T219Ay-cPciHbT10g8ziWaa65mjXUdp-0zi8d2X7yblAPiSJq8WMkUiCQ-34H92nQQWtJmg9H6t95VznmH59tN9doGsE0uXQvkP9As8S_Fa1rQcQ2fWDDq9wTw-mvYJIM3qhXk-DzL9pCoOswgEC-OKxz6fjgmU4SJ806zJIXxx_zBdYpakq-rEBaqZqtQv5rhGaWKP6_VENXi0IyyFBPfvNUBb1SD40QEY6duOmjg4-6Y6XCWAF1Gw0ipyjObZbE-AecyO9ixvbU-N0tYBZy3-ZQv2O7Yz-jF13XB9GPwCvWTfu7k0-QZhbgHVWDip4Ft9FRQXt3Y7Z__wWevhbrd1P7w3DuJsqotykhQpdhKpxft8j2r7F9hOPldaDhftKLYIWCRye9XsL4KLxc8WPkdfmg-Bk51G61XGiezHlcH3EnNA070W9KpqLVEgWBlDAdbFI8wRMczCLW1aECs7pleSsno8Z5EvQrXrkxAejP_LMQYIHgj6zlO5me1Mz8EfyIAP9-4p-lstd1eeWBXPIOINZu9cmfa7xvsaV04qO7geMU_vfq7A1vGwCxCGmPj7wbYxRqxg0PdgpOK3ypNhmbekzL1Br2NbhXW8JhA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:17 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
vary: Accept
content-type: image/gif

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 7E65
Redirect Chain

https://sync.taboola.com/sg/amazon-a9-network/1/rtb
https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=8189b96a-60cd-4dee-9684-645ac0b707b1-tuctad0eb1d

43 B
479 B

114ms
113ms

Image
image/gif

52.46.128.147
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=8189b96a-60cd-4dee-9684-645ac0b707b1-tuctad0eb1d

Requested by

Protocol

HTTP/1.1

Server

52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 30 Jan 2023 06:37:17 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MKSH8ETP0F6FGA3VV61M
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.amazon-adsystem.com/ecm3?ex=taboola.com&id=8189b96a-60cd-4dee-9684-645ac0b707b1-tuctad0eb1d
date: Mon, 30 Jan 2023 06:37:17 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 28012

GET
H2 200 935.9c1541da.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 3 KB
1 KB 134ms
133ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/935.9c1541da.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: c53219fcd73a72d490b99e85451bf90d56b10c0a9556e278e97ed40f1777e25f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:53 GMT
content-length: 1180
content-type: application/javascript; charset=utf-8

GET
H2 200 735.35135520.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 9 KB
3 KB 133ms
133ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/735.35135520.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: ac6c6b46f4411baafb0c84e6fb8c56dffeb72d3635cebff69dd6f064a2de0bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:53 GMT
content-length: 3057
content-type: application/javascript; charset=utf-8

GET
H2 200 847.8e38c738.chunk.css
www.shenyun.com/build-dist/cp2023/static/css/ 42 KB
11 KB 134ms
133ms Stylesheet
text/css 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/css/847.8e38c738.chunk.css
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 0a5400b04882d46c70f4ae06c9933549e907ab0b18dbf3cf0b28e9dc64096079

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:53 GMT
content-length: 10718
content-type: text/css; charset=utf-8

GET
H2 200 847.0ba54153.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 586 KB
162 KB 134ms
133ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/847.0ba54153.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 3513f66a10720709981921c697806a536a4c0bb669e1083b46b0d66ba2072bc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:27:06 GMT
content-length: 165946
content-type: application/javascript; charset=utf-8

GET
H2 200 410.b80ce6d2.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 12 KB
4 KB 169ms
168ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/410.b80ce6d2.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a3c78228db2a49aa9191e38a941cf43a853a9d3638f7dfd0963f27ff99d0c44f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:53 GMT
content-length: 4387
content-type: application/javascript; charset=utf-8

GET
H2 200 335.4385b349.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 27 KB
10 KB 169ms
169ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/335.4385b349.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 9e1a6015c1d0434ce35be6876c5f7a26c846a829bd698259c91629d1294346aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:27:06 GMT
content-length: 10467
content-type: application/javascript; charset=utf-8

GET
H2 200 537.abe2ec05.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 25 KB
8 KB 171ms
171ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/537.abe2ec05.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 3ac2bbc7b34961565d5986453dc4f21ccaa7c17f766ec68234d34ed0c94132a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:53 GMT
content-length: 8499
content-type: application/javascript; charset=utf-8

GET
H2 200 246.ba67cf84.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 16 KB
5 KB 172ms
171ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/246.ba67cf84.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: fb277567a12c6f9718b5ae87d3b30c00da601882cff39503862cae7c7d2fbc47

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:53 GMT
content-length: 5207
content-type: application/javascript; charset=utf-8

GET
H2 200 143.f52efbad.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 754 B
515 B 172ms
171ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/143.f52efbad.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: ad9f398c31f00789add4eb395c78331fe9f9dca088ebf397116434cb00beb945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:27:06 GMT
content-length: 487
content-type: application/javascript; charset=utf-8

GET
H2 200 548.8835f566.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 2 KB
1 KB 173ms
172ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/548.8835f566.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 636c376824e8cb7c4cd135152eea97262757291327210e1f7245128466db3495

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:27:06 GMT
content-length: 1286
content-type: application/javascript; charset=utf-8

GET
H2 200 526.fca1bcf4.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 5 KB
2 KB 172ms
172ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/526.fca1bcf4.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 3f42d3d5d72b2253dda502f4582f38ab432bf59fd0b5f2593036e66b4e2be891

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:53 GMT
content-length: 2049
content-type: application/javascript; charset=utf-8

GET
H2 200 288.0a58f42c.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 14 KB
5 KB 172ms
171ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/288.0a58f42c.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 0c7131945815e943fd515530d160db128d771244157258dfcbacb71dccd82377

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:27:06 GMT
content-length: 4898
content-type: application/javascript; charset=utf-8

GET
H2 200 788.704a9e16.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 2 KB
782 B 172ms
172ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/788.704a9e16.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: cdc6445df601bb6ad78010d358e8dfcb0b2a5d617b3664d1a36f8ba5da2b42bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:26:53 GMT
content-length: 754
content-type: application/javascript; charset=utf-8

GET
H2 200 331.5ef733de.chunk.js Show response
www.shenyun.com/build-dist/cp2023/static/js/ 3 KB
1 KB 255ms
254ms Script
application/javascript 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/build-dist/cp2023/static/js/331.5ef733de.chunk.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: c55f311d12c01e483dc30786e6462f603e1f2fc4cb91ae1908a4fedbfc28992a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:27:06 GMT
content-length: 1468
content-type: application/javascript; charset=utf-8

GET
H2 200 syCore.785707c907bf18df1a6c2ebfd8b4242b.svg
www.shenyun.com/build-dist/cp2023/static/media/ 130 KB
28 KB 209ms
208ms Image
image/svg+xml 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shenyun.com/build-dist/cp2023/static/media/syCore.785707c907bf18df1a6c2ebfd8b4242b.svg
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 411e4697d5c0d1ce2499fddd6ebed6734dfa336ddb9c96f05e4a94288016f7eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 04:27:25 GMT
content-length: 28678
content-type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ed7ba1d68e16e93116d5aa8531e2d6d113eead2cf79536ddd0b443974a6c3d2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 25 KB
25 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0329c33fe5ea976043e1ee708ee125a3e8a510d5a1f90200f2e9c441667a2201

Request headers

Referer
Origin: https://www.shenyun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

POST
H2 200 / Show response
www.facebook.com/tr/ Frame F059 0
72 B 42ms
41ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.shenyun.com
Referer: https://www.shenyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.shenyun.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 06:37:16 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 city-group-info Show response
www.shenyun.com/la/ 610 B
398 B 195ms
194ms XHR
text/html 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/la/city-group-info?sc=1
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: f7129756df8343b4588f60eab17d5f229a364d689cd440314ea71b8aa1f761ae

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 06:33:28 GMT
content-length: 374
content-type: text/html; charset=UTF-8

GET
H2 200 city-list Show response
www.shenyun.com/la/ 12 KB
2 KB 193ms
193ms XHR
text/html 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shenyun.com/la/city-list?sc=1&
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 40915df571c0a26b95efb544e005d15cccadb002563c0173b80714cb64454377

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
content-encoding: gzip
last-modified: Mon, 30 Jan 2023 06:33:28 GMT
content-length: 2128
content-type: text/html; charset=UTF-8

GET
H2 200 homeTopArea_NoGroupDancer_v2023.1078d339013aa8761e3f.jpg
www.shenyun.com/build-dist/cp2023/static/media/ 1 MB
1 MB 185ms
181ms Image
image/jpeg 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shenyun.com/build-dist/cp2023/static/media/homeTopArea_NoGroupDancer_v2023.1078d339013aa8761e3f.jpg
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 55c759eb8ec502f537f0807c628337df8a9d9fc150dd7ce24fef8bb466936817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
last-modified: Mon, 30 Jan 2023 04:26:45 GMT
content-length: 1128745
content-type: image/jpeg

GET
H2 200 lc2.js Show response
b-code.liadm.com/ 33 KB
12 KB 88ms
24ms Script
application/javascript 2600:9000:2057:4400:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/lc2.js
Requested by: Host: s3-us-west-2.amazonaws.com
URL: https://s3-us-west-2.amazonaws.com/jsstore/a/WN2HRW8/ge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 08d6358b84e668ff9b1b13c3a29b3c89fc526173ac75e060174268bdb6bb44d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 00:24:19 GMT
content-encoding: gzip
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 22377
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: rAT0My3ZArP5zZFakWWbxRr-3YlMQ_Iy5c-JCnaFsEMedVHvw7u4bg==

POST
H/1.1 200
OK page
tracking.ticketingbox.com/ 0
234 B 108ms
108ms Ping
text/html 216.158.231.78
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.ticketingbox.com/page?data=%7B%22eventType%22%3A%22pageload%22%2C%22uuid%22%3A%22df132ac7-e9c9-1834-a623-a094ddf638c0%22%2C%22page%22%3A%22https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale%22%2C%22userId%22%3A0%2C%22siteId%22%3A0%2C%22storeId%22%3A0%2C%22eventId%22%3A0%2C%22scheduleId%22%3A0%2C%22category%22%3A%22%22%2C%22subCategory%22%3A%22%22%2C%22label%22%3A%22%22%2C%22value%22%3A%22%22%2C%22pageInitTime%22%3A1675060636413%2C%22onPageTime%22%3A1%2C%22pageHitCounter%22%3A1%2C%22crossDomainReferer%22%3A%22%22%2C%22externalReferer%22%3A%22%22%2C%22target%22%3A%22https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale%22%2C%22browserTime%22%3A%222023-01-30T06%3A37%3A16%22%2C%22browser%22%3A%7B%22uuid%22%3A%22df132ac7-e9c9-1834-a623-a094ddf638c0%22%2C%22appName%22%3A%22Netscape%22%2C%22appCodeName%22%3A%22Mozilla%22%2C%22appVersion%22%3A%225.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36%22%2C%22cookieEnabled%22%3Atrue%2C%22geolocation%22%3A%7B%7D%2C%22language%22%3A%22en-US%22%2C%22platform%22%3A%22Win32%22%2C%22product%22%3A%22Gecko%22%2C%22userAgent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.119%20Safari%2F537.36%22%2C%22referrer%22%3A%22%22%2C%22screenSize%22%3A%221600x1200%22%2C%22browserTime%22%3A%222023-01-30T06%3A37%3A16%22%2C%22timezoneOffset%22%3A0%2C%22isMobileDevice%22%3A%22%22%7D%2C%22googleTrackingCookie%22%3A%7B%22_ga%22%3A%22GA1.2.1374624689.1675060636%22%2C%22_gid%22%3A%22GA1.2.766364357.1675060636%22%7D%7D
Requested by: Host: tracking.ticketingbox.com
URL: https://tracking.ticketingbox.com/__t2.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 216.158.231.78 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.shenyun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 30 Jan 2023 06:37:16 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK mtc.js Show response
marketing.shenyunonline.com/ 98 KB
28 KB 711ms
277ms Script
application/javascript 69.10.32.19
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://marketing.shenyunonline.com/mtc.js
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.10.32.19 Secaucus, United States, ASN19318 (IS-AS-1, US),
Reverse DNS: vda3400b.is.cc
Software: nginx / PHP/7.4.30
Resource Hash: 17c505cb8c8ba8f451115be58127a0efc08e1aca9cbcca4bd25c23e422c02c49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:37:16 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.4.30
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Methods: GET, POST, OPTIONS
Cache-Control: max-age=0, must-revalidate, private
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Expires: Mon, 30 Jan 2023 06:37:16 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
578 B 504ms
74ms Image
image/gif 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613562693283&noscript=1

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:16 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.3c17655f.1675060636.8d4df928
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1213778166891471
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
580 B 500ms
71ms Image
image/gif 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613311311373&noscript=1

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:16 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.3c17655f.1675060636.8d4df92a
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1838710569515982
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
580 B 499ms
70ms Image
image/gif 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612797830893&noscript=1

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:16 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.3c17655f.1675060636.8d4df92b
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 8828958703195090
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
580 B 501ms
72ms Image
image/gif 23.62.220.203
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613069661836&noscript=1

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.203 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-203.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:16 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.3c17655f.1675060636.8d4df92c
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 4326480200790572
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 3F59 70 B
260 B 48ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=xrrgolm&ct=0:4f0vw3u&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/xrrgolm/4f0vw3u/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 30 Jan 2023 06:37:16 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f2b9677d377c114d706d6cf0c3853946f44fee808de8e32535b4d8c9b31b758

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/jpeg

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 31ms
31ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-16088546-3&cid=1374624689.1675060636&jid=177999954&gjid=141134818&_gid=766364357.1675060636&_u=aCDAgEABQAAAAGAAI~&z=715203408

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.shenyun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 06:37:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shenyun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
34ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2119554401&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&ul=en-us&de=UTF-8&dt=Shen%20Yun%202023%20in%20LA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Click&ea=%5Bobject%20HTMLDivElement%5D&el=&_u=aCDAgEABQAAAACAAI~&jid=177999954&gjid=141134818&cid=1374624689.1675060636&tid=UA-16088546-3&_gid=766364357.1675060636&gtm=2wg1p05VWGVS&z=1814179676

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 02:05:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16280
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 65ms
60ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-16088546-3&cid=1374624689.1675060636&jid=177999954&_u=aCDAgEABQAAAAGAAI~&z=228446303

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 66ms
61ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-16088546-3&cid=1374624689.1675060636&jid=177999954&_u=aCDAgEABQAAAAGAAI~&z=228446303

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 l
use.typekit.net/af/2dfb40/00000000000000007735a05d/30/ 30 KB
30 KB 41ms
28ms Font
application/font-woff2 2a02:26f0:11a::217:9a48
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2dfb40/00000000000000007735a05d/30/l?primer=c9e3d14e497143dc5d9f280a9dc09e2fae4985134156b11dbce2eed03bb7e46d&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/vfi2kwh.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::217:9a48 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 72bff1145959296231d27985c4902c56b6d0a59781beeb0892867e8ca74d69fb

Request headers

Referer: https://use.typekit.net/vfi2kwh.css
Origin: https://www.shenyun.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
server: nginx
etag: "fff6e3d1c4111e56f357e01222ee91eaf9e25a95"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30740

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1675060636670&se=e30&duid=695bdd977528--01gr0p9ttvfgdk6dkm9kcn1az0&tna=v2.6.0&pu=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_sourc...
https://rp4.liadm.com/j?dtstmp=1675060636670&se=e30&duid=695bdd977528--01gr0p9ttvfgdk6dkm9kcn1az0&tna=v2.6.0&pu=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_sour...

13 B
551 B

505ms
113ms

XHR
application/json

18.207.63.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1675060636670&se=e30&duid=695bdd977528--01gr0p9ttvfgdk6dkm9kcn1az0&tna=v2.6.0&pu=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDEyOjMyZGI6NjliZjpjYzc%3D&n3pc=true

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale

Protocol

Server

18.207.63.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-207-63-238.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:17 GMT
x-pixel-event-id: 45d6d716-c937-4842-b774-6c56ce4000d8
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: ec12b0cc1eb45a41
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Mon, 30 Jan 2023 06:37:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1675060636670&se=e30&duid=695bdd977528--01gr0p9ttvfgdk6dkm9kcn1az0&tna=v2.6.0&pu=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&wpn=lc-bundle&i6=MjAwMToxYjYwOjEwMTA6MzoxMDEyOjMyZGI6NjliZjpjYzc%3D&n3pc=true
access-control-allow-origin: https://www.shenyun.com
request-time: 0
access-control-allow-credentials: true
trace-id: b312cd37998ab340
content-length: 0
x-xss-protection: 1; mode=block

GET
H3 200 cJlL1Q1dzv0 Show response
www.youtube.com/embed/ Frame 6D1F 69 KB
28 KB 121ms
112ms Document
text/html 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0

Requested by

Host: www.shenyun.com
URL: https://www.shenyun.com/build-dist/cp2023/static/js/main.e3bf3dbc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

20379af3458f0a4e5486a74d854d0f7a2f7a2926ed301e322bb7bb8610a1457e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.shenyun.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 06:37:16 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Response matomo.php
matomo.ticketingbox.com/ 0
342 B 271ms
270ms Ping
text/html 162.251.166.218
DEDICATED

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.ticketingbox.com/matomo.php?action_name=Shen%20Yun%202023%20in%20LA&idsite=6&rec=1&r=460487&h=6&m=37&s=16&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&_id=59eda5594686f5d6&_idn=1&_rcn=ca_sale&_refts=1675060637&send_image=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=A4aI8L&pf_net=444&pf_srv=134&pf_tfr=3&pf_dm1=864
Requested by: Host: matomo.ticketingbox.com
URL: https://matomo.ticketingbox.com/matomo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.251.166.218 Los Angeles, United States, ASN63018 (DEDICATED, US),
Reverse DNS: pour-screen.talksmarts.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.32 / PHP/7.2.32
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.shenyun.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

Date: Mon, 30 Jan 2023 06:37:16 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.32
X-Powered-By: PHP/7.2.32
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.shenyun.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99

GET
H2 200 slideshow-thumb-1.fc1776e38e3bc4f52ce8.jpg
www.shenyun.com/build-dist/cp2023/static/media/ 90 KB
91 KB 133ms
133ms Image
image/jpeg 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shenyun.com/build-dist/cp2023/static/media/slideshow-thumb-1.fc1776e38e3bc4f52ce8.jpg
Requested by: Host: www.shenyun.com
URL: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 74a044908beeb6e9b163f9cfe4a5e9d5378c135fd30f425e73fc27a32aa5057c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:16 GMT
last-modified: Mon, 30 Jan 2023 04:26:51 GMT
content-length: 92583
content-type: image/jpeg

GET
H/1.1 200
OK configs.php Show response
matomo.ticketingbox.com/plugins/HeatmapSessionRecording/ 116 B
374 B 451ms
191ms Script
application/javascript 162.251.166.218
DEDICATED

General

Check archive.org

Show headers Download Go to

Full URL: https://matomo.ticketingbox.com/plugins/HeatmapSessionRecording/configs.php?idsite=6&trackerid=MtnIUP&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale
Requested by: Host: matomo.ticketingbox.com
URL: https://matomo.ticketingbox.com/matomo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.251.166.218 Los Angeles, United States, ASN63018 (DEDICATED, US),
Reverse DNS: pour-screen.talksmarts.com
Software: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.32 / PHP/7.2.32
Resource Hash: 4b9b5c9b444cc1a3fd0ed56e77b5c1a25a9e2769b5ed72d7dac18cb5f865ab54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:37:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.2.32
Connection: Keep-Alive
X-Powered-By: PHP/7.2.32
Content-Length: 116
Keep-Alive: timeout=5, max=98
Content-Type: application/javascript

GET
H3 200 www-player.css
www.youtube.com/s/player/4248d311/ Frame 6D1F 360 KB
49 KB 36ms
34ms Stylesheet
text/css 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 09:00:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 250597
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49911
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 27 Jan 2024 09:00:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6D1F 15 KB
15 KB 37ms
35ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 13:18:51 GMT
x-content-type-options: nosniff
age: 580706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 13:18:51 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6D1F 15 KB
15 KB 44ms
42ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 03:11:30 GMT
x-content-type-options: nosniff
age: 271547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 03:11:30 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/4248d311/www-embed-player.vflset/ Frame 6D1F 342 KB
107 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 06:50:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 344828
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109432
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 26 Jan 2024 06:50:09 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 6D1F 2 MB
598 KB 50ms
50ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a433e03ca9fc6dbff0d21de71dd9bdd710808a0833683aad93788ff208f0e306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 13:18:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 580706
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 612479
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 23 Jan 2024 13:18:51 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/ Frame 6D1F 9 KB
3 KB 47ms
46ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sat, 28 Jan 2023 11:23:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 155645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2786
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 28 Jan 2024 11:23:12 GMT

POST
H/1.1 200
OK event Show response
marketing.shenyunonline.com/mtc/ 116 B
1 KB 481ms
480ms XHR
application/json 69.10.32.19
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://marketing.shenyunonline.com/mtc/event
Requested by: Host: marketing.shenyunonline.com
URL: https://marketing.shenyunonline.com/mtc.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.10.32.19 Secaucus, United States, ASN19318 (IS-AS-1, US),
Reverse DNS: vda3400b.is.cc
Software: nginx / PHP/7.4.30
Resource Hash: d0ab6acd9f1ea57ff2012487b3197776804516543820a88e323542753acbf6b1

Request headers

Referer: https://www.shenyun.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Mon, 30 Jan 2023 06:37:17 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.4.30
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://www.shenyun.com
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS, GET, POST, OPTIONS
Cache-Control: max-age=0, must-revalidate, private
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 36000
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Authorization, Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Expires: Mon, 30 Jan 2023 06:37:17 GMT

OPTIONS
H/1.1 204
No Content event
marketing.shenyunonline.com/mtc/ Frame 0
0 314ms
108ms Preflight
text/html 69.10.32.19
IS-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://marketing.shenyunonline.com/mtc/event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.10.32.19 Secaucus, United States, ASN19318 (IS-AS-1, US),
Reverse DNS: vda3400b.is.cc
Software: nginx / PHP/7.4.30
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.shenyun.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Authorization Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS GET, POST, OPTIONS
Access-Control-Allow-Origin: https://www.shenyun.com
Access-Control-Max-Age: 36000
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 30 Jan 2023 06:37:17 GMT
Server: nginx
X-Powered-By: PHP/7.4.30

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 6D1F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
159 B

56ms
55ms

XHR
application/json

2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Protocol

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc08a0c3e8778452e39450ed60c07cb3cec83f305b996c35a8502d8ceaa3cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 30 Jan 2023 06:37:17 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 6D1F 29 B
495 B 143ms
36ms Script
text/javascript 2a00:1450:400d:807::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:32:14 GMT
x-content-type-options: nosniff
age: 303
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 30 Jan 2023 06:47:14 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 166ms
59ms Preflight
text/html 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 30 Jan 2023 06:37:17 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6D1F 66 KB
30 KB 73ms
64ms XHR
application/json+protobuf 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eaf5fb323b1c7feda155c99e92c8a0414292cab6329ac9f2b5f595a988d60bdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 30 Jan 2023 06:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30914
x-xss-protection: 0

POST
H3 200 player Show response
www.youtube.com/youtubei/v1/ Frame 6D1F 71 KB
22 KB 139ms
139ms XHR
application/json 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

24b10d0f112fe4cf21d30210eb05dc22585a2faa436af56def617475f0c550d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230111.01.00
X-Goog-Visitor-Id: CgtGdWh0VjNRbU1ocyicy92eBg%3D%3D

Response headers

date: Mon, 30 Jan 2023 06:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22965
x-xss-protection: 0
expires: Mon, 30 Jan 2023 06:37:17 GMT

GET
H3 200 J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js Show response
www.google.com/js/th/ Frame 6D1F 36 KB
14 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/J0Wtb-3apQjiEgHhOVup9kp7pTLa1a3i127gprViyoA.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2745ad6feddaa508e21201e1395ba9f64a7ba532dad5ade2d76ee0a6b562ca80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 14:06:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 318675
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14261
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 14:06:02 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 6D1F 26 KB
8 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ce0d28ff580ad038695051ae756991625aa3882e7ae7e743d00f37bf17ff833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 05:03:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 524043
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8398
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Jan 2024 05:03:14 GMT

GET
DATA 200
OK truncated
/ Frame 6D1F 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 vQb4GUEiLc-FM7z8Cs7D05f9vtGbLAOrZNdCOX7o9EtXUM-dN-1CWQIgAZShILbqgOmCaV2P=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 6D1F 4 KB
5 KB 151ms
30ms Image
image/jpeg 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/vQb4GUEiLc-FM7z8Cs7D05f9vtGbLAOrZNdCOX7o9EtXUM-dN-1CWQIgAZShILbqgOmCaV2P=s68-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d36ddc90f104f54c0d9b9a5ffef6aeb21194de337098d8905707ec506d2e4ec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 04:44:09 GMT
x-content-type-options: nosniff
age: 6788
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4309
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 30 Jan 2023 15:37:33 GMT

GET
DATA 200
OK truncated
/ Frame 6D1F 368 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5e464f6d6d41efc599acd2d6885a9aca2119fbb3cdd8f145b8f04fd09301cfc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 6D1F 0
20 B 58ms
58ms XHR
text/html 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=243&afmt=251&cpn=hzoETNTZsRmMrZU4&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24415864%2C24430382%2C24436455%2C24439360%2C24450328%2C24451033&cl=501313814&seq=1&docid=cJlL1Q1dzv0&ei=nWXXY8PyFJad8gO97pfoDw&event=streamingstats&plid=AAXzdXJEod_D0tck&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FcJlL1Q1dzv0%3Fautoplay%3D1%26cc_load_policy%3D1%26controls%3D1%26disablekb%3D0%26enablejsapi%3D0%26fs%3D1%26iv_load_policy%3D1%26loop%3D0%26rel%3D0%26showinfo%3D1%26start%3D0%26wmode%3Dtransparent%26theme%3Ddark%26mute%3D0&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230111.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&vps=0.000:N,0.007:B,0.203:B,0.203:B&cmt=0.007:0.000,0.203:0.000&afs=0.202:251::i&vfs=0.203:243:302::r&view=0.203:1140:641&bwe=0.203:130000&bat=0.203:1:1&vis=0.203:0&bh=0.203:0.000

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
X-YouTube-Client-Version: 1.20230111.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtGdWh0VjNRbU1ocyicy92eBg%3D%3D
X-YouTube-Ad-Signals: dt=1675060637224&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1140%2C641&vis=1&wgl=true&ca_type=image&bid=ANyPxKoPCTQSkpSBx12aztVRYHJylT_LaTwNbgfWoJpzHG7o-6bnS3Ah55cTrEke8p5XhBQtcQzXP6KOkF6Uu64Jv35V8fU7pQ

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:17 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK videoplayback Show response
rr4---sn-4g5ednd7.googlevideo.com/ Frame 6D1F 119 KB
120 KB 127ms
23ms Fetch
video/webm 2a00:1450:4001:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1675082237&ei=nWXXY8PyFJad8gO97pfoDw&ip=2001%3A1b60%3A1010%3A3%3A1012%3A32db%3A69bf%3Acc7&id=o-AGpARYsnAp-kGeD2FVi24ISOSpJ1mz9Rx-dq2T-t7D1R&itag=243&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=youtube&requiressl=yes&mh=3E&mm=31%2C26&mn=sn-4g5ednd7%2Csn-h0jeenl6&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=7123750&spc=H3gIhsN_IJDvlajQSl9r1xc9e8q0CRg&vprv=1&mime=video%2Fwebm&ns=W8A4ytmpd5H44imsOkGn-ZgL&gir=yes&clen=4748606&dur=120.086&lmt=1672184304032224&mt=1675060390&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=543E434&n=2eMqymay9dLMYQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRAIgRBy8OYMETqvKeN7jJUAWkD-NgGcY0AdoHmLCDxxsU70CIBXZnSniU-MwV_niq3FCWitD7FkxxwJotgDCtEWilnsO&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANF5nHtVktUnEKJvUNzzdGkXZV63LnErTGW4w80onadAAiEAxgWPyji32kkmisM81jHjhZMKTy1kaEGVnwalMQkdUgI%3D&alr=yes&cpn=hzoETNTZsRmMrZU4&cver=1.20230111.01.00&range=0-121691&rn=1&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:16::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4b08015344e8f25ac3fb1f3636f5af4c99ea716b621aef4356bcc05480edd49b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:37:17 GMT
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 121692
Last-Modified: Tue, 27 Dec 2022 23:38:24 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 30 Jan 2023 06:37:17 GMT

POST
H/1.1 200
OK videoplayback Show response
rr4---sn-4g5ednd7.googlevideo.com/ Frame 6D1F 64 KB
66 KB 126ms
24ms Fetch
audio/webm 2a00:1450:4001:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1675082237&ei=nWXXY8PyFJad8gO97pfoDw&ip=2001%3A1b60%3A1010%3A3%3A1012%3A32db%3A69bf%3Acc7&id=o-AGpARYsnAp-kGeD2FVi24ISOSpJ1mz9Rx-dq2T-t7D1R&itag=251&source=youtube&requiressl=yes&mh=3E&mm=31%2C26&mn=sn-4g5ednd7%2Csn-h0jeenl6&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=7123750&spc=H3gIhsN_IJDvlajQSl9r1xc9e8q0CRg&vprv=1&mime=audio%2Fwebm&ns=W8A4ytmpd5H44imsOkGn-ZgL&gir=yes&clen=2026164&dur=120.121&lmt=1672183781800604&mt=1675060390&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=2eMqymay9dLMYQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAI6TM5Xo47WTffv-gAfu5hV19aErLTgkwUlFRL0Xnr5sAiBtZwxLnn_c_GGrnrnI4yoR8ck8INpornPECHnwPwKLog%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANF5nHtVktUnEKJvUNzzdGkXZV63LnErTGW4w80onadAAiEAxgWPyji32kkmisM81jHjhZMKTy1kaEGVnwalMQkdUgI%3D&alr=yes&cpn=hzoETNTZsRmMrZU4&cver=1.20230111.01.00&range=0-66019&rn=2&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:16::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

bcfba845412bf8229c214acc9642eb3af0f3afedf3ddc5703b4a2e85cdcaffc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 06:37:17 GMT
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 66020
Last-Modified: Tue, 27 Dec 2022 23:29:41 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: audio/webm
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=21300
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://www.youtube.com
Expires: Mon, 30 Jan 2023 06:37:17 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 6D1F 119 KB
37 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5664fcf19557b11d3f0fcc04ddc212955127891377cb7ebfe411dc46ab2c93e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 15:56:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 312066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37359
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 26 Jan 2024 15:56:11 GMT

GET
H3 200 captions.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 6D1F 68 KB
25 KB 37ms
36ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/captions.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cc2cde2273ba7e8b0c22de33b0fd7a4c6ad2dc4411f1c700beb2a194621db88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 15:53:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 225825
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25792
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 27 Jan 2024 15:53:32 GMT

GET
H3 200 endscreen.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 6D1F 32 KB
9 KB 37ms
37ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/endscreen.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f0513d6793b806f0ca7dc963a8a131e92383c7f21497147b053902ab1ad5ac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 01:19:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 537488
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8964
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 24 Jan 2024 01:19:09 GMT

GET
H3 200 annotations_module.js Show response
www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/ Frame 6D1F 68 KB
20 KB 38ms
38ms Script
text/javascript 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/annotations_module.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ce7977883d986157e0890a960923229f21d982e48b0e78901b3f820ad637a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 20:21:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20420
x-xss-protection: 0
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 29 Jan 2024 20:21:33 GMT

POST
H3 200 next Show response
www.youtube.com/youtubei/v1/ Frame 6D1F 6 KB
2 KB 215ms
215ms XHR
application/json 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/next?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

bdbf8170062fb6fdc91d311d55bb7e0a5a834cf6825c23ff80eef3c7d8027481

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Youtube-Bootstrap-Logged-In: false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20230111.01.00
X-Goog-Visitor-Id: CgtGdWh0VjNRbU1ocyicy92eBg%3D%3D

Response headers

date: Mon, 30 Jan 2023 06:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2014
x-xss-protection: 0
expires: Mon, 30 Jan 2023 06:37:17 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/cJlL1Q1dzv0/ Frame 6D1F 87 KB
87 KB 223ms
120ms Image
image/jpeg 2a00:1450:400d:802::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/cJlL1Q1dzv0/maxresdefault.jpg?sqp=-oaymwEmCIAKENAF8quKqQMa8AEB-AH-DoACuAiKAgwIABABGDcgRih_MA8=&rs=AOn4CLD9fSMSCqjA3geWnOi7Q1ZfuFIf6g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7e88d8f10d2445054bcf8c4e4652e40a3b082ebcdb95488a033823c5d1b2871

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:17 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88940
x-xss-protection: 0
server: sffe
etag: "1671809466"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 30 Jan 2023 08:37:17 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 6D1F 90 B
134 B 61ms
60ms XHR
application/json+protobuf 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

79468e0799ca774e0fd0ebe70b7a170bf516aaaa5e85b8fe3bbef32cd277599a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Mon, 30 Jan 2023 06:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 57ms
57ms Preflight
text/html 2a00:1450:400d:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Mon, 30 Jan 2023 06:37:17 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 6D1F 4 KB
2 KB 172ms
80ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 06:37:17 GMT

GET
H2 200 featured_channel.jpg
i.ytimg.com/an/_z8ERuOLTrlAaopY0gxzsA/ Frame 6D1F 8 KB
9 KB 76ms
34ms Image
image/jpeg 2a00:1450:400d:802::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/an/_z8ERuOLTrlAaopY0gxzsA/featured_channel.jpg?v=55302473

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2016 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d89bcb22b5ae8465bdb0228d212bcff6adf31e11340a59288d2e4c8e0cd1ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 05:39:50 GMT
x-content-type-options: nosniff
age: 3447
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8604
x-xss-protection: 0
server: sffe
etag: "1429218419"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 30 Jan 2023 07:39:50 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5ednd7.googlevideo.com/ Frame 6D1F 592 B
618 B 89ms
65ms Fetch
video/webm 2a00:1450:4001:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1675082237&ei=nWXXY8PyFJad8gO97pfoDw&ip=2001%3A1b60%3A1010%3A3%3A1012%3A32db%3A69bf%3Acc7&id=o-AGpARYsnAp-kGeD2FVi24ISOSpJ1mz9Rx-dq2T-t7D1R&itag=302&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=youtube&requiressl=yes&mh=3E&mm=31%2C26&mn=sn-4g5ednd7%2Csn-h0jeenl6&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=7123750&spc=H3gIhsN_IJDvlajQSl9r1xc9e8q0CRg&vprv=1&mime=video%2Fwebm&ns=W8A4ytmpd5H44imsOkGn-ZgL&gir=yes&clen=23872650&dur=120.103&lmt=1672184225659151&mt=1675060390&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=543E434&n=2eMqymay9dLMYQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAP2WPSc4lQ7hXEGGtgCc4XoG0zOwbh5MrKgFbaS9a63GAiBO7gFx_VTJC87l3aALcsiub9ktFGi-6BetSIocDqANkQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANF5nHtVktUnEKJvUNzzdGkXZV63LnErTGW4w80onadAAiEAxgWPyji32kkmisM81jHjhZMKTy1kaEGVnwalMQkdUgI%3D&alr=yes&cpn=hzoETNTZsRmMrZU4&cver=1.20230111.01.00&range=0-591&rn=3&rbuf=0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:16::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5254be59f96fc0d8f3d5abcc6959fe0a0e600dd6a16335fe6f7fa70eb7afbda3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 30 Jan 2023 06:37:17 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 592
last-modified: Tue, 27 Dec 2022 23:37:05 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Jan 2023 06:37:17 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5ednd7.googlevideo.com/ Frame 6D1F 118 KB
118 KB 28ms
22ms Fetch
video/webm 2a00:1450:4001:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:16::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

d863b6128c314592fa8f4f52bd0d275a939012991ec72e55502046f58d4fa10a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 30 Jan 2023 06:37:17 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121107
last-modified: Tue, 27 Dec 2022 23:38:24 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Jan 2023 06:37:17 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5ednd7.googlevideo.com/ Frame 6D1F 8 KB
8 KB 21ms
21ms Fetch
video/webm 2a00:1450:4001:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:16::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

01af1a8d03b4d01fa82cb1fed9fcdeb30247a59492032052038aff08fac07546

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 30 Jan 2023 06:37:17 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7711
last-modified: Tue, 27 Dec 2022 23:38:24 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Jan 2023 06:37:17 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/109/ Frame 6D1F 50 KB
15 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/109/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 11:33:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14851
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 15:07:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 30 Jan 2023 11:33:55 GMT

GET
H2 200 vQb4GUEiLc-FM7z8Cs7D05f9vtGbLAOrZNdCOX7o9EtXUM-dN-1CWQIgAZShILbqgOmCaV2P=s88-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 6D1F 6 KB
6 KB 36ms
35ms Image
image/jpeg 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/vQb4GUEiLc-FM7z8Cs7D05f9vtGbLAOrZNdCOX7o9EtXUM-dN-1CWQIgAZShILbqgOmCaV2P=s88-c-k-c0x00ffffff-no-rj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

292e811499d7509b1afc5273618b110f2fc0049b9ec48d9a20b8a1de21547c1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 03:11:25 GMT
x-content-type-options: nosniff
age: 12352
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6093
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 23 Jan 2023 22:49:26 GMT

POST
H3 204 qoe Show response
www.youtube.com/api/stats/ Frame 6D1F 0
20 B 57ms
56ms XHR
text/html 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/api/stats/qoe?fmt=302&afmt=251&cpn=hzoETNTZsRmMrZU4&el=embedded&ns=yt&fexp=23983296%2C24004644%2C24007246%2C24080738%2C24135310%2C24169501%2C24415864%2C24430382%2C24436455%2C24439360%2C24450328%2C24451033&cl=501313814&seq=2&docid=cJlL1Q1dzv0&ei=nWXXY8PyFJad8gO97pfoDw&event=streamingstats&plid=AAXzdXJEod_D0tck&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2FcJlL1Q1dzv0%3Fautoplay%3D1%26cc_load_policy%3D1%26controls%3D1%26disablekb%3D0%26enablejsapi%3D0%26fs%3D1%26iv_load_policy%3D1%26loop%3D0%26rel%3D0%26showinfo%3D1%26start%3D0%26wmode%3Dtransparent%26theme%3Ddark%26mute%3D0&cbr=Chrome&cbrver=109.0.5414.119&c=WEB_EMBEDDED_PLAYER&cver=1.20230111.01.00&cplayer=UNIPLAYER&cos=Windows&cosver=10.0&cplatform=DESKTOP&cmt=0.224:0.000,0.584:0.000&vps=0.224:N,0.584:N&ctmp=dompaused:t.228;r.promise;m.NotAllowedError&vfs=0.584:302:302:243:r&view=0.584:1140:641&bwm=0.584:317122:0.620&bwe=0.584:657159&bat=0.584:1:1&bh=0.584:3.803&df=0.584:0

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Video Stats Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
X-YouTube-Client-Version: 1.20230111.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtGdWh0VjNRbU1ocyicy92eBg%3D%3D
X-YouTube-Ad-Signals: dt=1675060637224&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1140%2C641&vis=1&wgl=true&ca_type=image&bid=ANyPxKoPCTQSkpSBx12aztVRYHJylT_LaTwNbgfWoJpzHG7o-6bnS3Ah55cTrEke8p5XhBQtcQzXP6KOkF6Uu64Jv35V8fU7pQ

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:17 GMT
x-content-type-options: nosniff
server: Video Stats Server
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5ednd7.googlevideo.com/ Frame 6D1F 655 KB
655 KB 24ms
21ms Fetch
video/webm 2a00:1450:4001:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1675082237&ei=nWXXY8PyFJad8gO97pfoDw&ip=2001%3A1b60%3A1010%3A3%3A1012%3A32db%3A69bf%3Acc7&id=o-AGpARYsnAp-kGeD2FVi24ISOSpJ1mz9Rx-dq2T-t7D1R&itag=302&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=youtube&requiressl=yes&mh=3E&mm=31%2C26&mn=sn-4g5ednd7%2Csn-h0jeenl6&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=7123750&spc=H3gIhsN_IJDvlajQSl9r1xc9e8q0CRg&vprv=1&mime=video%2Fwebm&ns=W8A4ytmpd5H44imsOkGn-ZgL&gir=yes&clen=23872650&dur=120.103&lmt=1672184225659151&mt=1675060390&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=543E434&n=2eMqymay9dLMYQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAP2WPSc4lQ7hXEGGtgCc4XoG0zOwbh5MrKgFbaS9a63GAiBO7gFx_VTJC87l3aALcsiub9ktFGi-6BetSIocDqANkQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANF5nHtVktUnEKJvUNzzdGkXZV63LnErTGW4w80onadAAiEAxgWPyji32kkmisM81jHjhZMKTy1kaEGVnwalMQkdUgI%3D&alr=yes&cpn=hzoETNTZsRmMrZU4&cver=1.20230111.01.00&range=1255081-1925459&rn=6&rbuf=4137&pot=D89WOHEpKNpDz24nT9erTJPjH27w9_AzqaEG0c_hYU4l2mvx6Q3lRzvaq8fN3Z-6iNr4_cHaS-VavO8EEjX55DmUAZsRotyE19VyVyA2iproamw4y_wwyv21MVkuYHtDbdudCOs=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:16::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

c5891fef2781a17cc05f3acf6824835a8a99c5e16afe3466fcb1b443841b307c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 30 Jan 2023 06:37:17 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 670379
last-modified: Tue, 27 Dec 2022 23:37:05 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21300
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Jan 2023 06:37:17 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 6D1F 28 B
57 B 65ms
63ms XHR
application/json 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-Goog-Request-Time: 1675060637933
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
X-YouTube-Client-Version: 1.20230111.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtGdWh0VjNRbU1ocyicy92eBg%3D%3D
X-YouTube-Ad-Signals: dt=1675060637130&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1140%2C641&vis=1&wgl=true&ca_type=image&bid=ANyPxKoPCTQSkpSBx12aztVRYHJylT_LaTwNbgfWoJpzHG7o-6bnS3Ah55cTrEke8p5XhBQtcQzXP6KOkF6Uu64Jv35V8fU7pQ

Response headers

date: Mon, 30 Jan 2023 06:37:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Mon, 30 Jan 2023 06:37:17 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5ednd7.googlevideo.com/ Frame 6D1F 64 KB
64 KB 21ms
21ms Fetch
audio/webm 2a00:1450:4001:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1675082237&ei=nWXXY8PyFJad8gO97pfoDw&ip=2001%3A1b60%3A1010%3A3%3A1012%3A32db%3A69bf%3Acc7&id=o-AGpARYsnAp-kGeD2FVi24ISOSpJ1mz9Rx-dq2T-t7D1R&itag=251&source=youtube&requiressl=yes&mh=3E&mm=31%2C26&mn=sn-4g5ednd7%2Csn-h0jeenl6&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=7123750&spc=H3gIhsN_IJDvlajQSl9r1xc9e8q0CRg&vprv=1&mime=audio%2Fwebm&ns=W8A4ytmpd5H44imsOkGn-ZgL&gir=yes&clen=2026164&dur=120.121&lmt=1672183781800604&mt=1675060390&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=2eMqymay9dLMYQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAI6TM5Xo47WTffv-gAfu5hV19aErLTgkwUlFRL0Xnr5sAiBtZwxLnn_c_GGrnrnI4yoR8ck8INpornPECHnwPwKLog%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANF5nHtVktUnEKJvUNzzdGkXZV63LnErTGW4w80onadAAiEAxgWPyji32kkmisM81jHjhZMKTy1kaEGVnwalMQkdUgI%3D&alr=yes&cpn=hzoETNTZsRmMrZU4&cver=1.20230111.01.00&range=66020-131555&rn=7&rbuf=4082&pot=D89WOHEpKNpDz24nT9erTJPjH27w9_AzqaEG0c_hYU4l2mvx6Q3lRzvaq8fN3Z-6iNr4_cHaS-VavO8EEjX55DmUAZsRotyE19VyVyA2iproamw4y_wwyv21MVkuYHtDbdudCOs=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:16::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

ab802de9a889b230f649d5f22a8d100fa827d7896a394a12e66701bef82b4f36

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 30 Jan 2023 06:37:18 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65536
last-modified: Tue, 27 Dec 2022 23:29:41 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Jan 2023 06:37:18 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5ednd7.googlevideo.com/ Frame 6D1F 2 MB
2 MB 22ms
22ms Fetch
video/webm 2a00:1450:4001:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1675082237&ei=nWXXY8PyFJad8gO97pfoDw&ip=2001%3A1b60%3A1010%3A3%3A1012%3A32db%3A69bf%3Acc7&id=o-AGpARYsnAp-kGeD2FVi24ISOSpJ1mz9Rx-dq2T-t7D1R&itag=302&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=youtube&requiressl=yes&mh=3E&mm=31%2C26&mn=sn-4g5ednd7%2Csn-h0jeenl6&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=7123750&spc=H3gIhsN_IJDvlajQSl9r1xc9e8q0CRg&vprv=1&mime=video%2Fwebm&ns=W8A4ytmpd5H44imsOkGn-ZgL&gir=yes&clen=23872650&dur=120.103&lmt=1672184225659151&mt=1675060390&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=543E434&n=2eMqymay9dLMYQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAP2WPSc4lQ7hXEGGtgCc4XoG0zOwbh5MrKgFbaS9a63GAiBO7gFx_VTJC87l3aALcsiub9ktFGi-6BetSIocDqANkQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANF5nHtVktUnEKJvUNzzdGkXZV63LnErTGW4w80onadAAiEAxgWPyji32kkmisM81jHjhZMKTy1kaEGVnwalMQkdUgI%3D&alr=yes&cpn=hzoETNTZsRmMrZU4&cver=1.20230111.01.00&range=1925460-4022611&rn=8&rbuf=6858&pot=D89WOHEpKNpDz24nT9erTJPjH27w9_AzqaEG0c_hYU4l2mvx6Q3lRzvaq8fN3Z-6iNr4_cHaS-VavO8EEjX55DmUAZsRotyE19VyVyA2iproamw4y_wwyv21MVkuYHtDbdudCOs=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:16::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

087f4098ae94244966a9ae07569e0b1d4fe4604c7b7fc292931d192e7a10a0ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 30 Jan 2023 06:37:18 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2097152
last-modified: Tue, 27 Dec 2022 23:37:05 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Jan 2023 06:37:18 GMT

GET
H2 204 72731 Show response
idx.liadm.com/idex/unknown/ 0
312 B 488ms
114ms XHR
text/plain 34.231.246.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/72731?duid=695bdd977528--01gr0p9ttvfgdk6dkm9kcn1az0&resolve=md5

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.246.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-246-225.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://www.shenyun.com
date: Mon, 30 Jan 2023 06:37:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
trace-id: d2ce34eb3200a34f
vary: Origin
request-time: 2

GET
H2 204 72731 Show response
idx.liadm.com/idex/unknown/ 0
312 B 487ms
115ms XHR
text/plain 34.231.246.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/72731?duid=695bdd977528--01gr0p9ttvfgdk6dkm9kcn1az0&resolve=md5

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/lc2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.246.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-246-225.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin: https://www.shenyun.com
date: Mon, 30 Jan 2023 06:37:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
trace-id: 1efad752bc6f287b
vary: Origin
request-time: 3

GET
H2

200

p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/
Redirect Chain

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=WN2HRW8-suppression&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%...
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=WN2HRW8-suppression&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%...

42 B
351 B

194ms
194ms

Image
image/gif

50.112.131.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=WN2HRW8-suppression&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&tdc=1
Protocol: H2
Server: 50.112.131.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-112-131-245.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Mon, 30 Jan 2023 06:37:18 GMT
server: nginx/1.18.0
content-type: image/GIF

Redirect headers

location: /c/vn3d8u2u/a/etarget/p.gif?label=WN2HRW8-suppression&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&tdc=1
date: Mon, 30 Jan 2023 06:37:18 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server: nginx/1.18.0
content-type: image/GIF

POST
H3 200 videoplayback Show response
rr4---sn-4g5ednd7.googlevideo.com/ Frame 6D1F 141 KB
141 KB 22ms
21ms Fetch
audio/webm 2a00:1450:4001:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1675082237&ei=nWXXY8PyFJad8gO97pfoDw&ip=2001%3A1b60%3A1010%3A3%3A1012%3A32db%3A69bf%3Acc7&id=o-AGpARYsnAp-kGeD2FVi24ISOSpJ1mz9Rx-dq2T-t7D1R&itag=251&source=youtube&requiressl=yes&mh=3E&mm=31%2C26&mn=sn-4g5ednd7%2Csn-h0jeenl6&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=7123750&spc=H3gIhsN_IJDvlajQSl9r1xc9e8q0CRg&vprv=1&mime=audio%2Fwebm&ns=W8A4ytmpd5H44imsOkGn-ZgL&gir=yes&clen=2026164&dur=120.121&lmt=1672183781800604&mt=1675060390&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=2eMqymay9dLMYQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAI6TM5Xo47WTffv-gAfu5hV19aErLTgkwUlFRL0Xnr5sAiBtZwxLnn_c_GGrnrnI4yoR8ck8INpornPECHnwPwKLog%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANF5nHtVktUnEKJvUNzzdGkXZV63LnErTGW4w80onadAAiEAxgWPyji32kkmisM81jHjhZMKTy1kaEGVnwalMQkdUgI%3D&alr=yes&cpn=hzoETNTZsRmMrZU4&cver=1.20230111.01.00&range=131556-276327&rn=9&rbuf=8164&pot=D89WOHEpKNpDz24nT9erTJPjH27w9_AzqaEG0c_hYU4l2mvx6Q3lRzvaq8fN3Z-6iNr4_cHaS-VavO8EEjX55DmUAZsRotyE19VyVyA2iproamw4y_wwyv21MVkuYHtDbdudCOs=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:16::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

689a22790c2e4aa279661e5ff277609941271ad1d7b3f7b4cbbc2229dfac8528

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 30 Jan 2023 06:37:18 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144772
last-modified: Tue, 27 Dec 2022 23:29:41 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21299
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Jan 2023 06:37:18 GMT

GET
H2

200

p.gif
p.alocdn.com/c/vn3d8u2u/a/etarget/
Redirect Chain

https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=WN2HRW8-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fwn2hrw8%252Fge.js%2522%252C...
https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=WN2HRW8-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fwn2hrw8%252Fge.js%2522%252C...

42 B
350 B

193ms
193ms

Image
image/gif

50.112.131.245
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/vn3d8u2u/a/etarget/p.gif?label=WN2HRW8-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fwn2hrw8%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.0%2522%252C%2522guid%2522%253A%25228b974a1b-7db3-4ce1-844d-1db54ce09b4c%2522%257D&title=Shen%20Yun%202023%20in%20LA&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&tdc=1
Protocol: H2
Server: 50.112.131.245 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-50-112-131-245.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Mon, 30 Jan 2023 06:37:18 GMT
server: nginx/1.18.0
content-type: image/GIF

Redirect headers

location: /c/vn3d8u2u/a/etarget/p.gif?label=WN2HRW8-collect-%257B%2522script%2522%253A%2522https%253A%252F%252Fs3-us-west-2.amazonaws.com%252Fjsstore%252Fa%252Fwn2hrw8%252Fge.js%2522%252C%2522ver%2522%253A%25221.6.0%2522%252C%2522guid%2522%253A%25228b974a1b-7db3-4ce1-844d-1db54ce09b4c%2522%257D&title=Shen%20Yun%202023%20in%20LA&url=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&tdc=1
date: Mon, 30 Jan 2023 06:37:18 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
server: nginx/1.18.0
content-type: image/GIF

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 6D1F 28 B
57 B 60ms
60ms XHR
application/json 2a00:1450:400d:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:802::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
X-Goog-Request-Time: 1675060639969
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/cJlL1Q1dzv0?autoplay=1&cc_load_policy=1&controls=1&disablekb=0&enablejsapi=0&fs=1&iv_load_policy=1&loop=0&rel=0&showinfo=1&start=0&wmode=transparent&theme=dark&mute=0
X-YouTube-Client-Version: 1.20230111.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtGdWh0VjNRbU1ocyicy92eBg%3D%3D
X-YouTube-Ad-Signals: dt=1675060637130&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1140%2C641&vis=1&wgl=true&ca_type=image&bid=ANyPxKoPCTQSkpSBx12aztVRYHJylT_LaTwNbgfWoJpzHG7o-6bnS3Ah55cTrEke8p5XhBQtcQzXP6KOkF6Uu64Jv35V8fU7pQ

Response headers

date: Mon, 30 Jan 2023 06:37:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Mon, 30 Jan 2023 06:37:20 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
45 B 29ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1ENQVSTJF6&gtm=2oe1p0&_p=2119554401&cid=1374624689.1675060636&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1675060635&sct=1&seg=0&dl=https%3A%2F%2Fwww.shenyun.com%2Fla%3Fvideoid%3DcJlL1Q1dzv0%26playvideo%3D1%26utm_source%3Dshenyun%26utm_medium%3Demail%26utm_campaign%3Dca_sale&dt=Shen%20Yun%202023%20in%20LA&en=scroll&epn.percent_scrolled=90&_et=9
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1ENQVSTJF6&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 06:37:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.shenyun.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 slideshow-thumb-2.e0c491bce1e38a26c67d.jpg
www.shenyun.com/build-dist/cp2023/static/media/ 82 KB
82 KB 134ms
133ms Image
image/jpeg 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shenyun.com/build-dist/cp2023/static/media/slideshow-thumb-2.e0c491bce1e38a26c67d.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a5bc6bb9d3eb7e38283a9658ea9f5e757be10ce8d06db458ef5687e7d743bfbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:21 GMT
last-modified: Mon, 30 Jan 2023 04:26:51 GMT
content-length: 83758
content-type: image/jpeg

GET
H2 200 slideshow-thumb-3.57a6d8d291ce82d52866.jpg
www.shenyun.com/build-dist/cp2023/static/media/ 53 KB
53 KB 133ms
133ms Image
image/jpeg 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shenyun.com/build-dist/cp2023/static/media/slideshow-thumb-3.57a6d8d291ce82d52866.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 74d9e8580937ea42d4aa55fe42481c39bcb9e763725c35928b79631b60d43b12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:26 GMT
last-modified: Mon, 30 Jan 2023 04:26:55 GMT
content-length: 54039
content-type: image/jpeg

POST
H3 200 videoplayback Show response
rr4---sn-4g5ednd7.googlevideo.com/ Frame 6D1F 2 MB
2 MB 23ms
23ms Fetch
video/webm 2a00:1450:4001:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1675082237&ei=nWXXY8PyFJad8gO97pfoDw&ip=2001%3A1b60%3A1010%3A3%3A1012%3A32db%3A69bf%3Acc7&id=o-AGpARYsnAp-kGeD2FVi24ISOSpJ1mz9Rx-dq2T-t7D1R&itag=302&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=youtube&requiressl=yes&mh=3E&mm=31%2C26&mn=sn-4g5ednd7%2Csn-h0jeenl6&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=7123750&spc=H3gIhsN_IJDvlajQSl9r1xc9e8q0CRg&vprv=1&mime=video%2Fwebm&ns=W8A4ytmpd5H44imsOkGn-ZgL&gir=yes&clen=23872650&dur=120.103&lmt=1672184225659151&mt=1675060390&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=543E434&n=2eMqymay9dLMYQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAP2WPSc4lQ7hXEGGtgCc4XoG0zOwbh5MrKgFbaS9a63GAiBO7gFx_VTJC87l3aALcsiub9ktFGi-6BetSIocDqANkQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANF5nHtVktUnEKJvUNzzdGkXZV63LnErTGW4w80onadAAiEAxgWPyji32kkmisM81jHjhZMKTy1kaEGVnwalMQkdUgI%3D&alr=yes&cpn=hzoETNTZsRmMrZU4&cver=1.20230111.01.00&range=4022612-5873927&rn=10&rbuf=13889&pot=D89WOHEpKNpDz24nT9erTJPjH27w9_AzqaEG0c_hYU4l2mvx6Q3lRzvaq8fN3Z-6iNr4_cHaS-VavO8EEjX55DmUAZsRotyE19VyVyA2iproamw4y_wwyv21MVkuYHtDbdudCOs=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:16::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b1ef621805244ea6e0fa035f021cd189e525f777e12c1a466d130b6c4409233d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 30 Jan 2023 06:37:27 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1851316
last-modified: Tue, 27 Dec 2022 23:37:05 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21290
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Jan 2023 06:37:27 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5ednd7.googlevideo.com/ Frame 6D1F 216 KB
216 KB 22ms
22ms Fetch
audio/webm 2a00:1450:4001:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1675082237&ei=nWXXY8PyFJad8gO97pfoDw&ip=2001%3A1b60%3A1010%3A3%3A1012%3A32db%3A69bf%3Acc7&id=o-AGpARYsnAp-kGeD2FVi24ISOSpJ1mz9Rx-dq2T-t7D1R&itag=251&source=youtube&requiressl=yes&mh=3E&mm=31%2C26&mn=sn-4g5ednd7%2Csn-h0jeenl6&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=7123750&spc=H3gIhsN_IJDvlajQSl9r1xc9e8q0CRg&vprv=1&mime=audio%2Fwebm&ns=W8A4ytmpd5H44imsOkGn-ZgL&gir=yes&clen=2026164&dur=120.121&lmt=1672183781800604&mt=1675060390&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5432434&n=2eMqymay9dLMYQ&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAI6TM5Xo47WTffv-gAfu5hV19aErLTgkwUlFRL0Xnr5sAiBtZwxLnn_c_GGrnrnI4yoR8ck8INpornPECHnwPwKLog%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANF5nHtVktUnEKJvUNzzdGkXZV63LnErTGW4w80onadAAiEAxgWPyji32kkmisM81jHjhZMKTy1kaEGVnwalMQkdUgI%3D&alr=yes&cpn=hzoETNTZsRmMrZU4&cver=1.20230111.01.00&range=276328-497075&rn=11&rbuf=16741&pot=D89WOHEpKNpDz24nT9erTJPjH27w9_AzqaEG0c_hYU4l2mvx6Q3lRzvaq8fN3Z-6iNr4_cHaS-VavO8EEjX55DmUAZsRotyE19VyVyA2iproamw4y_wwyv21MVkuYHtDbdudCOs=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:16::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5a34a4a12a33500a69d912ed5e409cad97d09f74e0e799b1b1c97ae34a805074

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 30 Jan 2023 06:37:27 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 220748
last-modified: Tue, 27 Dec 2022 23:29:41 GMT
server: gvs 1.0
vary: Origin
content-type: audio/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21290
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Jan 2023 06:37:27 GMT

POST
H3 200 videoplayback Show response
rr4---sn-4g5ednd7.googlevideo.com/ Frame 6D1F 2 MB
2 MB 22ms
21ms Fetch
video/webm 2a00:1450:4001:16::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-4g5ednd7.googlevideo.com/videoplayback?expire=1675082237&ei=nWXXY8PyFJad8gO97pfoDw&ip=2001%3A1b60%3A1010%3A3%3A1012%3A32db%3A69bf%3Acc7&id=o-AGpARYsnAp-kGeD2FVi24ISOSpJ1mz9Rx-dq2T-t7D1R&itag=302&aitags=133%2C134%2C135%2C136%2C160%2C242%2C243%2C244%2C247%2C278%2C298%2C299%2C302%2C303&source=youtube&requiressl=yes&mh=3E&mm=31%2C26&mn=sn-4g5ednd7%2Csn-h0jeenl6&ms=au%2Conr&mv=m&mvi=4&pl=36&initcwndbps=7123750&spc=H3gIhsN_IJDvlajQSl9r1xc9e8q0CRg&vprv=1&mime=video%2Fwebm&ns=W8A4ytmpd5H44imsOkGn-ZgL&gir=yes&clen=23872650&dur=120.103&lmt=1672184225659151&mt=1675060390&fvip=2&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=543E434&n=2eMqymay9dLMYQ&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIhAP2WPSc4lQ7hXEGGtgCc4XoG0zOwbh5MrKgFbaS9a63GAiBO7gFx_VTJC87l3aALcsiub9ktFGi-6BetSIocDqANkQ%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRgIhANF5nHtVktUnEKJvUNzzdGkXZV63LnErTGW4w80onadAAiEAxgWPyji32kkmisM81jHjhZMKTy1kaEGVnwalMQkdUgI%3D&alr=yes&cpn=hzoETNTZsRmMrZU4&cver=1.20230111.01.00&range=5873928-7665849&rn=12&rbuf=19419&pot=D89WOHEpKNpDz24nT9erTJPjH27w9_AzqaEG0c_hYU4l2mvx6Q3lRzvaq8fN3Z-6iNr4_cHaS-VavO8EEjX55DmUAZsRotyE19VyVyA2iproamw4y_wwyv21MVkuYHtDbdudCOs=

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/4248d311/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:16::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

560b2bc738a2e7e5552b2d7eb32430f40f2707522f77a887ba58312bf79ce7a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

client-protocol: quic
date: Mon, 30 Jan 2023 06:37:27 GMT
x-restrict-formats-hint: None
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1791922
last-modified: Tue, 27 Dec 2022 23:37:05 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=21290
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Mon, 30 Jan 2023 06:37:27 GMT

GET
H2 200 slideshow-thumb-4.7bc133e60a3f7e3a229f.jpg
www.shenyun.com/build-dist/cp2023/static/media/ 90 KB
90 KB 134ms
133ms Image
image/jpeg 130.211.181.80
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.shenyun.com/build-dist/cp2023/static/media/slideshow-thumb-4.7bc133e60a3f7e3a229f.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.181.80 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 80.181.211.130.bc.googleusercontent.com
Software: /
Resource Hash: c5934e549a415d327204c8524553610b3e73a1fce5b65c8f91fbbb3f5e34849c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.shenyun.com/la?videoid=cJlL1Q1dzv0&playvideo=1&utm_source=shenyun&utm_medium=email&utm_campaign=ca_sale
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 06:37:31 GMT
last-modified: Mon, 30 Jan 2023 04:27:01 GMT
content-length: 91879
content-type: image/jpeg

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

87 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.shenyun.com/	1970-01-20 11:27:16	Name: _gcl_au Value: 1.1.1015857699.1675060635
.shenyun.com/	1970-01-20 18:53:40	Name: _ga_1ENQVSTJF6 Value: GS1.1.1675060635.1.0.1675060635.60.0.0
.shenyun.com/	1970-01-20 18:53:40	Name: kv_id Value: kw98f399b4713bb
.shenyun.com/	1970-01-20 18:53:40	Name: kv_install_sent Value: 1675060635671
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: XcroiafT2oU
.youtube.com/	1970-01-20 13:36:52	Name: VISITOR_INFO1_LIVE Value: FuhtV3QmMhs
.youtube.com/	1970-01-20 13:36:52	Name: DEVICE_INFO Value: ChxOekU1TkRNek1EWTBOalV3TXpBNU1EY3pOZz09EJvL3Z4GGJvL3Z4G
.shenyun.com/	1970-01-20 11:27:16	Name: _fbp Value: fb.1.1675060635778.1465750516
.shenyun.com/	1970-01-20 18:53:40	Name: _ga Value: GA1.2.1374624689.1675060636
.shenyun.com/	1970-01-20 09:19:07	Name: _gid Value: GA1.2.766364357.1675060636
.shenyun.com/	1970-01-20 09:17:40	Name: _gat_UA-16088546-3 Value: 1
www.shenyun.com/	1970-01-20 09:19:07	Name: ln_or Value: eyIxMDQ5MDciOiJkIn0%3D
.t.co/	1970-01-20 18:53:40	Name: muc_ads Value: c2694481-5c02-4d6b-b0bf-22cea8c66743
.linkedin.com/	1970-01-20 10:00:52	Name: UserMatchHistory Value: AQJOgCu9hbFEOgAAAYYBZOiobYYSp7ieVPwcOcEXyp8ns8QZMUhwDroLan_Z_vE01f9UhZ8LkQMs5w
.linkedin.com/	1970-01-20 10:00:52	Name: AnalyticsSyncHistory Value: AQJMIEd0QG3L_wAAAYYBZOiozstYX9otA3Fat4_OlJA-ud2w4Xv3OAm_rafMy2y42aSjNIRzYA6suO_lJMeakg
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 18:03:16	Name: bcookie Value: "v=2&66ad9af4-250a-479d-88cb-2c273110f342"
.linkedin.com/	1970-01-20 09:19:07	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2478:u=1:x=1:i=1675060635:t=1675147035:v=2:sig=AQG7Xz4_MwGPRVcK5SiGH1qd4yurzODw"
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 18:03:16	Name: bscookie Value: "v=1&20230130063715edc3a6f1-38df-4706-8c8c-c02ec9c72a79AQGIbbipCZOX_SSSu4589xRpOQF4Ao79"
.linkedin.com/	1970-01-20 13:36:52	Name: li_gc Value: MTswOzE2NzUwNjA2MzU7MjswMjHVW7g6D/zLSVgTxYGhylL/cvfQLN1vNfdlF8RKPkK67A==
.shenyun.com/	1970-01-20 09:19:07	Name: _uetsid Value: 896805b0a06811ed860ccfc02e8836d6
.shenyun.com/	1970-01-20 18:39:16	Name: _uetvid Value: 89682320a06811edaa9af5a5b524b759
.amazon-adsystem.com/	1970-01-20 15:09:02	Name: ad-id Value: AyUPHtRE60ySr1nn6m2XmWQ
.amazon-adsystem.com/	1970-01-20 18:53:40	Name: ad-privacy Value: 0
.twitter.com/	1970-01-20 18:53:40	Name: personalization_id Value: "v1_zjzPln/am3FaWV3MopuLZQ=="
.bing.com/	1970-01-20 18:39:16	Name: MUID Value: 03912C31082E67742D333E980984664D
.adnxs.com/	1970-01-20 11:27:16	Name: uuid2 Value: 1521403397565078471
.yahoo.com/	1970-01-20 18:03:38	Name: A3 Value: d=AQABBJxl12MCENLRWXLWn-B86ttFJp6gx6UFEgEBAQG32GPhYwAAAAAA_eMAAA&S=AQAAAjsVZRNKnz2hTrP0UnP7Pkw
.shenyun.com/	1970-01-20 12:53:40	Name: __mktuuid Value: df132ac7-e9c9-1834-a623-a094ddf638c0
.shenyun.com/	1970-01-20 12:53:40	Name: __mktuuid_ga Value: 1
.analytics.yahoo.com/	1970-01-20 18:03:16	Name: IDSYNC Value: 195g~29pi
.adnxs.com/	1970-01-20 11:27:16	Name: anj Value: dTM7k!M4/YF7/.XF']wIg2GTulCz]>!]tbPl1M]o$IyEVU[Wu?X4hNRC^[zU^/gNj?6<B@[41pBcrwpypLVX7#BI7y)N[UD!!)bm)M!Q[
.agkn.com/	1970-01-20 18:03:16	Name: ab Value: 0001%3A%2Ff1jd1sh0mgf1kOripmAsiOpu2rRbWMC
.casalemedia.com/	1970-01-20 18:03:16	Name: CMID Value: Y9dlnFh0yM1n1fpSV.ODSwAA
.casalemedia.com/	1970-01-20 11:27:16	Name: CMPS Value: 5126
.casalemedia.com/	1970-01-20 11:27:16	Name: CMPRO Value: 5126
.shenyun.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .shenyun.com
.shenyun.com/	1970-01-20 18:53:40	Name: _lc2_fpi Value: 695bdd977528--01gr0p9ttvfgdk6dkm9kcn1az0
.myvisualiq.net/	1970-01-20 18:53:40	Name: tuuid Value: 02f86af4-bd3b-456c-a7d4-f386de3a9e59
.myvisualiq.net/	1970-01-20 18:53:40	Name: c Value: 1675060636
.myvisualiq.net/	1970-01-20 18:53:40	Name: tuuid_lu Value: 1675060636
.shenyun.com/	1970-01-20 09:17:40	Name: _dc_gtm_UA-16088546-3 Value: 1
.bidswitch.net/	1970-01-20 18:03:16	Name: tuuid Value: 6ae1d8ef-e2f8-4fa8-8776-2ca04d73889c
.bidswitch.net/	1970-01-20 18:03:16	Name: c Value: 1675060636
.bidswitch.net/	1970-01-20 18:03:16	Name: tuuid_lu Value: 1675060636
.bluekai.com/	1970-01-20 13:38:19	Name: bku Value: b/X99JhkNtmzJJAj
.bluekai.com/	1970-01-20 13:38:19	Name: bkpa Value: KJy9RQY5d02pSUHknp1tmexywlJkjsk0wVC65cOpJEBOJEJsJEJsz08CqVabqtT+RVHpKUB6jV6rRt2+JEJsjVB+10DpHZPTJEBWRZhNjV+CSu8Mqt6k1MjojYDpHYD0Ba2YuN2PPDkW9y9ZOH2a
www.shenyun.com/	1970-01-20 13:40:28	Name: _pk_ref.6.874c Value: %5B%22ca_sale%22%2C%22%22%2C1675060637%2C%22%22%5D
www.shenyun.com/	1970-01-20 18:43:35	Name: _pk_id.6.874c Value: 59eda5594686f5d6.1675060637.
www.shenyun.com/	1970-01-20 09:17:42	Name: _pk_ses.6.874c Value: 1
.krxd.net/	1970-01-20 13:36:52	Name: _kuid_ Value: PWV68j_r
.ct.pinterest.com/	1970-01-20 18:03:16	Name: _pinterest_ct_ua Value: "TWc9PSYvMUF3SEI4VzFQa3NLaks3Lzg5Y2l5U3BCS0hDSGF2eGYzeU1jdlR0TGpoS3o4ZG93YWpVVnNvSTVGNnppUE4zSUMxMjVHdTRYTGR6U1JJVVpVRGp0cjQ3V25wN3o3WFRncU1NS3A1cDJWdz0mc1czRHVBS1RBOE1sVHBjTkxRRmtsZERYSFd3PQ=="
.360yield.com/	1970-01-20 11:27:16	Name: tuuid Value: 10b96219-5cb2-4ae1-8902-562547acaa2d
.360yield.com/	1970-01-20 11:27:16	Name: tuuid_lu Value: 1675060636
.adform.net/	1970-01-20 09:59:26	Name: C Value: 1
.adform.net/	1970-01-20 10:44:04	Name: uid Value: 1347644232904364128
.mookie1.com/	1970-01-20 18:46:28	Name: id Value: 10812650126470625724
.mookie1.com/	1970-01-20 18:46:28	Name: mdata Value: 1\|10812650126470625724\|1675060637049
.mookie1.com/	1970-01-20 18:46:28	Name: ov Value: 6451c7c641cc9d3ae6918ed053f1750a
.spotxchange.com/	1970-01-20 09:57:59	Name: audience Value: 8a06e653-a068-11ed-9a03-11e121d60406
.liadm.com/	1970-01-20 18:53:40	Name: lidid Value: 30b34bc0-3a9a-445c-8ef5-67944fae0b3b
.360yield.com/	1970-01-20 11:27:16	Name: um Value: !416,3trTqL9gGIeS-jm0OX62IHc6,1682836637
.360yield.com/	1970-01-20 11:27:16	Name: umeh Value: !416,0,1737268637,-1
.ads.stickyadstv.com/	1970-01-20 10:00:52	Name: UID Value: 32bcea7a24d994d15650fa745b896ee6
.ads.stickyadstv.com/	1970-01-20 09:37:50	Name: uid-bp-30833 Value: MRjZ5xqYTMGVA-5tJ4NVlQ
ads.samba.tv/	1970-01-20 18:47:55	Name: sambapxid Value: 10ad92da71a90ba2d
bs.serving-sys.com/	1969-12-31 23:59:59	Name: r1 Value: 1675060637_1
.serving-sys.com/	1970-01-20 11:27:16	Name: u2 Value: ce887b13-ba18-4e67-96ba-1c51b9bf5dec4KX060
.doubleclick.net/	1970-01-20 18:39:16	Name: IDE Value: AHWqTUmCgehLYhHBb2TxfFxw7d-agz1cwXVGAPj2nX65wNS5KpnOEBTGg-0U9QC0kCM
.pubmatic.com/	1970-01-20 11:27:16	Name: KRTBCOOKIE_290 Value: 23219-0TkDW9D0QsCsHAdLd3KkYA&KRTB&23261-0TkDW9D0QsCsHAdLd3KkYA
.pubmatic.com/	1970-01-20 10:00:52	Name: PugT Value: 1675060637
.demdex.net/	1970-01-20 13:36:52	Name: demdex Value: 90887214294766903914596206954565444887
.ispot.tv/	1970-01-20 18:53:40	Name: pt Value: v2:243ae733c88081f28505e5c8536fa10d3485c8ffb04909ed947e5475e412b8bf\|30577a4dfce2521a139e94bf408add5432c5acd210bc15c9b5df745ca2243a73
.semasio.net/	1970-01-20 18:03:16	Name: SEUNCY Value: 5A95262879136ED0
.pubmatic.com/	1970-01-20 09:19:07	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 18:03:16	Name: KADUSERCOOKIE Value: 19200001-CEDF-4DEE-B14E-4E6AC6943057
.dpm.demdex.net/	1970-01-20 13:36:52	Name: dpm Value: 90887214294766903914596206954565444887
.ninthdecimal.com/	1970-01-20 13:36:52	Name: ndat Value: aO2WYGPXZZ2BvgS56nTqAg==
www.shenyun.com/	1969-12-31 23:59:59	Name: mtc_id Value: 37772882
www.shenyun.com/	1969-12-31 23:59:59	Name: mtc_sid Value: kjr1nirnaa0vx52a4gje4qo
www.shenyun.com/	1969-12-31 23:59:59	Name: mautic_device_id Value: kjr1nirnaa0vx52a4gje4qo
www.shenyun.com/	1970-01-20 13:36:52	Name: _geuid Value: 8b974a1b-7db3-4ce1-844d-1db54ce09b4c
www.shenyun.com/	1970-01-20 10:00:52	Name: _gess Value: true
www.shenyun.com/	1970-01-20 10:00:52	Name: _geps Value: true
.shenyun.com/	1970-01-20 09:17:44	Name: __li_idex_cache_eyJxZiI6MC42LCJyZXNvbHZlIjoibWQ1In0 Value: {}
.alocdn.com/	1970-01-20 18:03:16	Name: uuid Value: 5925110f-20c7-4d21-ad3b-aec2efcd97df

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://usermatch.krxd.net/um/v2?partner=amzn Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
ads.samba.tv
ads.stickyadstv.com
amazon.partners.tremorhub.com
analytics.twitter.com
assets.kochava.com
b-code.liadm.com
bat.bing.com
beacon.krxd.net
bs.serving-sys.com
c1.adform.net
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
cs.choozle.com
ct.pinterest.com
d1eoo1tco6rr5e.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
idx.liadm.com
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
jnn-pa.googleapis.com
lciapi.ninthdecimal.com
lm.serving-sys.com
loadus.exelator.com
marketing.shenyunonline.com
match.360yield.com
matomo.ticketingbox.com
nexus.ensighten.com
odr.mookie1.com
p.alocdn.com
p.typekit.net
pi.ispot.tv
pix.pub
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
rp.liadm.com
rp4.liadm.com
rr4---sn-4g5ednd7.googlevideo.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
s3-us-west-2.amazonaws.com
sb.scorecardresearch.com
snap.licdn.com
ssum-sec.casalemedia.com
static.ads-twitter.com
static.doubleclick.net
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.taboola.com
t.co
t.myvisualiq.net
tags.bluekai.com
token.rubiconproject.com
tracking.ticketingbox.com
uipglob.semasio.net
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
usermatch.krxd.net
usersync.samplicio.us
web-sdk.control.kochava.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.imdb.com
www.linkedin.com
www.shenyun.com
www.youtube.com
x.bidswitch.net
yt3.ggpht.com
104.18.33.19
104.237.150.96
104.244.42.131
104.244.42.69
13.107.42.14
13.224.190.131
130.211.181.80
141.226.228.48
142.251.208.98
143.204.215.7
143.204.215.78
15.197.193.217
151.101.194.132
162.251.166.218
18.195.202.31
18.207.63.238
18.65.33.149
185.64.190.78
185.64.190.80
185.80.39.216
185.86.139.113
185.94.180.126
199.232.16.157
2.18.79.136
2001:4860:4802:34::36
212.82.100.182
216.158.231.78
23.6.126.9
23.62.220.203
2600:1901:0:7af::
2600:1f18:612b:4232:851e:f269:97b5:da7b
2600:1f18:730:b140:7681:9678:781c:27c9
2600:9000:2057:4400:8:8845:1500:93a1
2600:9000:206f:7c00:2:53b2:240:93a1
2606:4700::6811:190e
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:16::9
2a00:1450:400d:802::2002
2a00:1450:400d:802::200a
2a00:1450:400d:802::200e
2a00:1450:400d:802::2016
2a00:1450:400d:804::2001
2a00:1450:400d:806::2003
2a00:1450:400d:806::200a
2a00:1450:400d:806::200e
2a00:1450:400d:807::2004
2a00:1450:400d:807::2006
2a00:1450:400d:80a::2003
2a00:1450:400d:80d::2008
2a00:1450:4025:401::9c
2a02:26f0:10e::6860:5baa
2a02:26f0:11a::217:9a48
2a02:26f0:11a::217:9a4b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.126.56.137
3.222.151.93
3.67.120.212
3.72.213.91
34.195.36.112
34.231.246.225
34.241.134.251
34.248.136.204
34.98.67.61
35.170.45.72
35.190.11.202
35.244.159.8
37.157.4.39
37.252.171.21
50.112.131.245
50.19.231.193
52.218.243.160
52.28.31.160
52.46.128.147
52.58.99.101
52.59.87.127
54.78.254.47
65.9.66.103
69.10.32.19
69.173.144.138
69.173.144.139
76.223.111.18
77.243.60.138
01af1a8d03b4d01fa82cb1fed9fcdeb30247a59492032052038aff08fac07546
0329c33fe5ea976043e1ee708ee125a3e8a510d5a1f90200f2e9c441667a2201
0480433e0bce8edb171c6a3c31efe149745a88e2a9690807cddc3889ec088eef
075a61c48ac3dd56cdf07086a2f7bae59363f88be99011dd8b73dcf7f2b9df75
0785e2b2433cb69472a6dc71d2c6f64a58d73aa0735ca4838b5f0223b36898b6
087f4098ae94244966a9ae07569e0b1d4fe4604c7b7fc292931d192e7a10a0ff
0885d48a14c0e4cc3474d09c551348abf5c51484b1ecc37cf715c7288131ffb2
08cb06f8517f74dba1b9139be1740ff28ebfbc3bccf6f5eb737a99f4f1f5dd2b
08d6358b84e668ff9b1b13c3a29b3c89fc526173ac75e060174268bdb6bb44d3
0a5400b04882d46c70f4ae06c9933549e907ab0b18dbf3cf0b28e9dc64096079
0a5506366466f2a5c9d69b8036ee2b9c9a13b3248314442ba4b218a17d822bfb
0c7131945815e943fd515530d160db128d771244157258dfcbacb71dccd82377
12efc564f08026d8b6fe50e440d7454c0fae496c23e06d72f39fbdcc87f13d53
17c505cb8c8ba8f451115be58127a0efc08e1aca9cbcca4bd25c23e422c02c49
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ce0d28ff580ad038695051ae756991625aa3882e7ae7e743d00f37bf17ff833
1d26490f083b209ef29e08d092649725edf15ac2b33ad62fdeaafd37f7d79d6f
20379af3458f0a4e5486a74d854d0f7a2f7a2926ed301e322bb7bb8610a1457e
21dbd90119d3def6c42da4da8db80672b7cd791ff63633bcfd9a476a092e6f67
2238ada923d9dabc5cddc9a46525098dece7a567bd944cee9a712c4e77158f15
249120ad030ef95047c8a816452d2dc894c2cce7444f22cca9bbdac253ad9ac4
24b10d0f112fe4cf21d30210eb05dc22585a2faa436af56def617475f0c550d2
2745ad6feddaa508e21201e1395ba9f64a7ba532dad5ade2d76ee0a6b562ca80
2773bebe58754475ba386259a546e1f57b60f8fab64c99ddb1c46e76b668d374
292e811499d7509b1afc5273618b110f2fc0049b9ec48d9a20b8a1de21547c1e
2e37d2e645ae030e13d9422f759d2396f4b55e5404a7ab0e7e08581d037f7d1e
30a8327f0cb688bc7a1767099188abf9be47de99d00cc92417590a4687909fc8
3513f66a10720709981921c697806a536a4c0bb669e1083b46b0d66ba2072bc1
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38a83c44c7fe60383ce5dd8e0f22953d45bbf23ff4898b1854137ce13c3c11e7
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
3a9aa1c36e7c872e3a9c6eed9453aab3ca6c2eed582fa52a56f5b568bb4a2d00
3ac2bbc7b34961565d5986453dc4f21ccaa7c17f766ec68234d34ed0c94132a3
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cc2cde2273ba7e8b0c22de33b0fd7a4c6ad2dc4411f1c700beb2a194621db88
3ce7977883d986157e0890a960923229f21d982e48b0e78901b3f820ad637a68
3dedcd56b794ea1ede7242c15fcb74e932736fae8a06a4c444e9ae8cb0f1a3e7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ece40b974c6084c091fff702b34d48d9c4b0aaa273b63239cd34225ea20c002
3f42d3d5d72b2253dda502f4582f38ab432bf59fd0b5f2593036e66b4e2be891
4009d9cd874341f6fd65ceaf062f6ff7a414b2b313aa69cd59b4b30b9805a8b4
40915df571c0a26b95efb544e005d15cccadb002563c0173b80714cb64454377
411e4697d5c0d1ce2499fddd6ebed6734dfa336ddb9c96f05e4a94288016f7eb
459d8937828f77f7401e750ebe9c4ed389524a225cd80372f22122d6a6fbb102
45f01b9990b08fb05e4804081661662d94dbc3bd99c644b7774fc0448e1d43a2
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4b08015344e8f25ac3fb1f3636f5af4c99ea716b621aef4356bcc05480edd49b
4b9b5c9b444cc1a3fd0ed56e77b5c1a25a9e2769b5ed72d7dac18cb5f865ab54
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0513d6793b806f0ca7dc963a8a131e92383c7f21497147b053902ab1ad5ac5
5254be59f96fc0d8f3d5abcc6959fe0a0e600dd6a16335fe6f7fa70eb7afbda3
5406bdd111ecece4082b8349f38b5f03628b109b153474f6de227eb7ec3984c8
55c759eb8ec502f537f0807c628337df8a9d9fc150dd7ce24fef8bb466936817
560b2bc738a2e7e5552b2d7eb32430f40f2707522f77a887ba58312bf79ce7a8
5664fcf19557b11d3f0fcc04ddc212955127891377cb7ebfe411dc46ab2c93e2
58ab7caca0f57a1c76770c34ede88778d05c2eb9eb7649f51e0208859f0089bb
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a34a4a12a33500a69d912ed5e409cad97d09f74e0e799b1b1c97ae34a805074
5a35b9c324f9aa7968eacf59429642422f974ae67c1c573cb5d3fd465ed552ac
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6222c5a854cc32fc0f16fa69f42c928e92163fe08ede0e2ac46e99ca0a709174
636c376824e8cb7c4cd135152eea97262757291327210e1f7245128466db3495
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
689a22790c2e4aa279661e5ff277609941271ad1d7b3f7b4cbbc2229dfac8528
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
72bff1145959296231d27985c4902c56b6d0a59781beeb0892867e8ca74d69fb
74a044908beeb6e9b163f9cfe4a5e9d5378c135fd30f425e73fc27a32aa5057c
74cecc89819e65004f3a97f48e4a125a2ad5df1a7dc27b31018c452ceb954d46
74d9e8580937ea42d4aa55fe42481c39bcb9e763725c35928b79631b60d43b12
79468e0799ca774e0fd0ebe70b7a170bf516aaaa5e85b8fe3bbef32cd277599a
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7d89bcb22b5ae8465bdb0228d212bcff6adf31e11340a59288d2e4c8e0cd1ba7
7dcaaf60c5fc6161585d557c8a473a515d6b41c28b1da41ed2eec646bd354bb0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c88ebfecbc749d20a82f93e48f65a2589465eedfbaea2a6313f4ce553b641ec
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
912998fe1c42d957297c9b874fafa350122e4aed81511d7246e18174fe1d10d3
9e1a6015c1d0434ce35be6876c5f7a26c846a829bd698259c91629d1294346aa
9f2b9677d377c114d706d6cf0c3853946f44fee808de8e32535b4d8c9b31b758
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a36c42905be5795cbcbb331ffb37a97a0562e514af606a61588ba05eb6786771
a3c78228db2a49aa9191e38a941cf43a853a9d3638f7dfd0963f27ff99d0c44f
a433e03ca9fc6dbff0d21de71dd9bdd710808a0833683aad93788ff208f0e306
a5bc6bb9d3eb7e38283a9658ea9f5e757be10ce8d06db458ef5687e7d743bfbc
a65c62d1be76bdf94ba77cc299c65eb0c831328d8aea0c2ca9c00f8e0dc90fc9
a7e88d8f10d2445054bcf8c4e4652e40a3b082ebcdb95488a033823c5d1b2871
ab802de9a889b230f649d5f22a8d100fa827d7896a394a12e66701bef82b4f36
abd82c01ba9ebead686986e83dd3310e068ffa820b57d02bcef87bfa7eeaf916
ac6c6b46f4411baafb0c84e6fb8c56dffeb72d3635cebff69dd6f064a2de0bb2
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad9f398c31f00789add4eb395c78331fe9f9dca088ebf397116434cb00beb945
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1ef621805244ea6e0fa035f021cd189e525f777e12c1a466d130b6c4409233d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcfba845412bf8229c214acc9642eb3af0f3afedf3ddc5703b4a2e85cdcaffc7
bdbf8170062fb6fdc91d311d55bb7e0a5a834cf6825c23ff80eef3c7d8027481
bdc08a0c3e8778452e39450ed60c07cb3cec83f305b996c35a8502d8ceaa3cdb
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
c13ef915cd254e5197d5021d9779857e3c3ce6c14825e3f89730b0ad8f46d490
c1739cf065d29f5637c0f86c6ab2b8eac060ef89e37aeeaa025631ec31498766
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c330d304732698e8cce849068708ab1f5d5b0c543080e32213b8f11ccf01a435
c53219fcd73a72d490b99e85451bf90d56b10c0a9556e278e97ed40f1777e25f
c55f311d12c01e483dc30786e6462f603e1f2fc4cb91ae1908a4fedbfc28992a
c5891fef2781a17cc05f3acf6824835a8a99c5e16afe3466fcb1b443841b307c
c5934e549a415d327204c8524553610b3e73a1fce5b65c8f91fbbb3f5e34849c
cdc6445df601bb6ad78010d358e8dfcb0b2a5d617b3664d1a36f8ba5da2b42bf
cf76557868a511eff04bac35ebe0d91b481c5169681598856a65de0bfa218495
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0ab6acd9f1ea57ff2012487b3197776804516543820a88e323542753acbf6b1
d108062088b09e99ca73674e628b2431acaeb8f19c33f8552512371a2c02879d
d21e59a19e48e0c9c2cacef1d3d90a58eaff66f4a98a47aed8624533b986449b
d36ddc90f104f54c0d9b9a5ffef6aeb21194de337098d8905707ec506d2e4ec5
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d863b6128c314592fa8f4f52bd0d275a939012991ec72e55502046f58d4fa10a
e3672bd39c5da36fa82014c9ffe75833ac6a2ee7049ac635ccc84d9687715b6a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4103368efcd61fe807a4b5c6754fedccf58d7aec400b392c522e3e245f3714b
e5e464f6d6d41efc599acd2d6885a9aca2119fbb3cdd8f145b8f04fd09301cfc
e65a64867673d4961486e1e1ceaad75e3715f69d47cb23b7c02fd2a053593075
eaf5fb323b1c7feda155c99e92c8a0414292cab6329ac9f2b5f595a988d60bdf
ed7ba1d68e16e93116d5aa8531e2d6d113eead2cf79536ddd0b443974a6c3d2f
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f3fa50117b826f8dea3be8931e2777380f7ab8dfa6b458005985fe9779bd5bd5
f54503ac9ce0180c2facebd1e0c6b06e6aa8832f42d84baf377cd2fd110c98e0
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f7129756df8343b4588f60eab17d5f229a364d689cd440314ea71b8aa1f761ae
f7b35ce4d7000cf65cdc7306f635d5633f14877bf8923eb8963386b5bc3e8180
fb277567a12c6f9718b5ae87d3b30c00da601882cff39503862cae7c7d2fbc47
fd3f66f0b5b828f420d6be5f65cd4c4691061624016e26fc33b7e304f26d5bde
fe5c1e4c577a049ae4761a659bf406b927eea882c67fafcbfecab2ae8824f7ef
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.shenyun.com Open in urlscan Pro 130.211.181.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

199 Requests

82 %HTTPS

33 %IPv6

66 Domains

86 Subdomains

55 IPs

10 Countries

11398 kBTransfer

16733 kBSize

87 Cookies

28 Outgoing links

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.shenyun.com Open in urlscan Pro
130.211.181.80 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

82 %
HTTPS

33 %
IPv6

66
Domains

86
Subdomains

55
IPs

10
Countries

11398 kB
Transfer

16733 kB
Size

87
Cookies

199 HTTP transactions
6 data transactions