www.springfieldthunderbirds.com Open in urlscan Pro
151.101.130.132 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Submission: On February 29 via manual (February 29th 2024, 9:17:03 pm UTC) from US — Scanned from DE

Summary HTTP 114 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 24 domains to perform 114 HTTP transactions. The main IP is 151.101.130.132, located in United States and belongs to FASTLY, US. The main domain is www.springfieldthunderbirds.com.
TLS certificate: Issued by R3 on February 2nd 2024. Valid for: 3 months.

This is the only time www.springfieldthunderbirds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
1	18.65.39.119 18.65.39.119	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1 4	34.66.84.194 34.66.84.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	63.35.74.224 63.35.74.224	16509 (AMAZON-02) (AMAZON-02)
1	54.164.119.223 54.164.119.223	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
9	108.138.36.120 108.138.36.120	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
3	54.87.156.174 54.87.156.174	14618 (AMAZON-AES) (AMAZON-AES)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
5	99.84.88.127 99.84.88.127	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:237... 2600:9000:237d:8200:6:4f98:bc40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 4	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	18.173.187.28 18.173.187.28	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.73.157.84 52.73.157.84	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	16.182.34.144 16.182.34.144	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:239... 2600:9000:2394:2e00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	44.239.187.210 44.239.187.210	16509 (AMAZON-02) (AMAZON-02)
1	3.86.74.61 3.86.74.61	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:34::36	() ()
114	32

31 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

www.springfieldthunderbirds.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-119.ams1.r.cloudfront.net

releases.flowplayer.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.66.84.194 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.84.66.34.bc.googleusercontent.com

theahl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.35.74.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-74-224.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.119.223 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-119-223.compute-1.amazonaws.com

offer.fevo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 108.138.36.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-120.muc50.r.cloudfront.net

alive5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.87.156.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-156-174.compute-1.amazonaws.com

api-v2.alive5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.84.88.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-127.muc50.r.cloudfront.net

springfieldthunderbirds.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:8200:6:4f98:bc40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

analytics.formstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

9504465.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.187.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-28.muc50.r.cloudfront.net

files.alive5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.157.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-157-84.compute-1.amazonaws.com

team-scaffold.production.carbonhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 16.182.34.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2394:2e00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.187.210 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-187-210.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.86.74.61 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-86-74-61.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (None, )

ASN- ()

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	springfieldthunderbirds.com www.springfieldthunderbirds.com	6 MB
15	alive5.com alive5.com — Cisco Umbrella Rank: 56242 api-v2.alive5.com — Cisco Umbrella Rank: 63459 files.alive5.com — Cisco Umbrella Rank: 78290	322 KB
9	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 81 9504465.fls.doubleclick.net pubads.g.doubleclick.net — Cisco Umbrella Rank: 405 ad.doubleclick.net — Cisco Umbrella Rank: 160	7 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	5 KB
7	gstatic.com fonts.gstatic.com	153 KB
6	formstack.com 1 redirects springfieldthunderbirds.formstack.com analytics.formstack.com — Cisco Umbrella Rank: 79080 formstack.com — Cisco Umbrella Rank: 16428 static.formstack.com — Cisco Umbrella Rank: 25095	613 KB
5	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1973 www.google-analytics.com — Cisco Umbrella Rank: 31	21 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	430 KB
4	stripe.com js.stripe.com — Cisco Umbrella Rank: 1169 m.stripe.com — Cisco Umbrella Rank: 1138	169 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2533 adservice.google.com — Cisco Umbrella Rank: 92	791 B
4	theahl.com 1 redirects theahl.com — Cisco Umbrella Rank: 290848	40 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 177	71 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1250	16 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	216 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	25 KB
2	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 936	530 B
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1127	62 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1487	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1741	15 KB
1	amazonaws.com s3.amazonaws.com	221 KB
1	carbonhouse.com team-scaffold.production.carbonhouse.com — Cisco Umbrella Rank: 759029	318 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6463	408 B
1	fevo.com offer.fevo.com — Cisco Umbrella Rank: 51751	36 KB
1	flowplayer.org releases.flowplayer.org — Cisco Umbrella Rank: 87404	4 KB
114	24

	Domain	Requested by
31	www.springfieldthunderbirds.com	www.springfieldthunderbirds.com
9	alive5.com	www.springfieldthunderbirds.com alive5.com
8	fonts.googleapis.com	www.springfieldthunderbirds.com alive5.com client springfieldthunderbirds.formstack.com
7	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagmanager.com	www.springfieldthunderbirds.com www.googletagmanager.com offer.fevo.com www.google-analytics.com
4	9504465.fls.doubleclick.net	2 redirects www.springfieldthunderbirds.com
4	theahl.com	1 redirects www.springfieldthunderbirds.com
3	js.stripe.com	static.formstack.com js.stripe.com
3	static.formstack.com	springfieldthunderbirds.formstack.com static.formstack.com
3	files.alive5.com	www.springfieldthunderbirds.com alive5.com
3	connect.facebook.net	www.springfieldthunderbirds.com connect.facebook.net
3	region1.google-analytics.com	www.googletagmanager.com
3	api-v2.alive5.com	alive5.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	www.facebook.com	www.springfieldthunderbirds.com
2	ad.doubleclick.net	9504465.fls.doubleclick.net
2	adservice.google.com	9504465.fls.doubleclick.net
2	cdnjs.cloudflare.com	alive5.com
2	pubads.g.doubleclick.net	www.springfieldthunderbirds.com
2	www.google-analytics.com	theahl.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	bcp.crwdcntrl.net	www.springfieldthunderbirds.com
2	maxcdn.bootstrapcdn.com	www.springfieldthunderbirds.com maxcdn.bootstrapcdn.com
1	ping.chartbeat.net
1	m.stripe.com	m.stripe.network
1	static.chartbeat.com	www.springfieldthunderbirds.com
1	s3.amazonaws.com	springfieldthunderbirds.formstack.com
1	team-scaffold.production.carbonhouse.com	www.springfieldthunderbirds.com
1	formstack.com	www.springfieldthunderbirds.com
1	analytics.formstack.com	1 redirects
1	springfieldthunderbirds.formstack.com	www.springfieldthunderbirds.com
1	www.google.de	www.springfieldthunderbirds.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	offer.fevo.com	www.springfieldthunderbirds.com
1	releases.flowplayer.org	www.springfieldthunderbirds.com
114	35

This site contains links to these domains. Also see Links.

Domain
theahl.com
www.ahltv.com
www.mgmspringfield.com
massmutualcenter.evenue.net
bit.ly
springfieldthunderbirds5050.com
springfieldthunderbirdsbc.com
mailchi.mp
new.express.adobe.com
springfield-thunderbirds6.mybigcommerce.com
www.facebook.com
www.twitter.com
www.instagram.com
youtube.com
www.carbonhouse.com

Subject Issuer	Validity	Valid
springfieldthunderbirds.com R3	`2024-02-02` - `2024-05-02`	3 months	crt.sh
*.flowplayer.org Amazon RSA 2048 M02	`2023-06-03` - `2024-07-01`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
offer.fevo.com R3	`2024-02-12` - `2024-05-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.alive5.com Amazon RSA 2048 M03	`2023-09-03` - `2024-09-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
theahl.com R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.formstack.com Amazon RSA 2048 M02	`2024-02-18` - `2025-03-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-09` - `2024-03-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.production.carbonhouse.com Go Daddy Secure Certificate Authority - G2	`2023-11-15` - `2024-12-16`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-02-07` - `2024-05-09`	3 months	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2024-02-08` - `2025-01-11`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2024-05-23`	3 months	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Frame ID: 1AEB341C1A8400789152541FE0C7BE98
Requests: 79 HTTP requests in this frame

Frame: https://springfieldthunderbirds.formstack.com/forms/napoleonvip2024
Frame ID: B5FFF7FC9F07E03128E7EADDCBB68BAA
Requests: 12 HTTP requests in this frame

Frame: https://9504465.fls.doubleclick.net/activityi;dc_pre=CM7-0by80YQDFVgJogMdwMYDyw;src=9504465;type=invmedia;cat=dbm_s0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5768838020648.593
Frame ID: 376D68E48AF73EB317432E207A8A4488
Requests: 3 HTTP requests in this frame

Frame: https://9504465.fls.doubleclick.net/activityi;dc_pre=CLH-0by80YQDFVgRogMdA_YNmQ;src=9504465;type=invmedia;cat=dbm_m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=6294116026641.907
Frame ID: E0F769087A1EA3A70E870FC86C21149F
Requests: 3 HTTP requests in this frame

Frame: https://alive5.com/chat_window_wrap.html?wid=237c6906-adcd-4d4b-8f90-f4806bc28686
Frame ID: 4A0790BEC38153BECFE5D0AF5A212D7D
Requests: 2 HTTP requests in this frame

Frame: https://alive5.com/chat_window.html?preopen=undefined&wid=237c6906-adcd-4d4b-8f90-f4806bc28686
Frame ID: 9B50350EF98AC8BDEAB64520D4578F01
Requests: 11 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 5F925720AFA79E9DB2346B85BEC5C065
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 09E96C10362F87225A1B5DDFBE20A0BA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Napoleon Dynamite VIP Package | Springfield Thunderbirds

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Socket.io (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

114
Requests

98 %
HTTPS

50 %
IPv6

24
Domains

35
Subdomains

32
IPs

4
Countries

9174 kB
Transfer

14077 kB
Size

17
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: http://theahl.com/
Title: AHL

Search URL Search Domain Scan URL

URL: https://theahl.com/

Search URL Search Domain Scan URL

URL: https://www.ahltv.com/

Search URL Search Domain Scan URL

URL: http://www.mgmspringfield.com/

Search URL Search Domain Scan URL

URL: https://massmutualcenter.evenue.net/cgi-bin/ncommerce3/SEGetEventInfo?ticketCode=GS%3AMMC%3ATB23%3ATB31%3A&linkID=mmc&shopperContext=&pc=&caller=&appCode=&groupCode=ITBS&cgc=&RSRC=TBIRDSCOMSCHEDPAGEBANNER

Search URL Search Domain Scan URL

URL: https://massmutualcenter.evenue.net/cgi-bin/ncommerce3/SEGetEventInfo?ticketCode=GS%3AMMC%3ATB23%3ATB33%3A&linkID=mmc&shopperContext=&pc=&caller=&appCode=&groupCode=ITBS&cgc=&RSRC=TBIRDSCOMNAVBARBUTTON

Search URL Search Domain Scan URL

URL: https://bit.ly/23-24ScheduleDownload
Title: Downloadable Schedule

Search URL Search Domain Scan URL

URL: https://theahl.com/stats/standings
Title: Standings

Search URL Search Domain Scan URL

URL: https://theahl.com/stats/player-stats
Title: Statistics

Search URL Search Domain Scan URL

URL: https://springfieldthunderbirds5050.com/
Title: bankESB 50-50

Search URL Search Domain Scan URL

URL: https://springfieldthunderbirdsbc.com/
Title: T-Birds Booster Club

Search URL Search Domain Scan URL

URL: https://mailchi.mp/e1171c9bfbe3/sms-signup

Search URL Search Domain Scan URL

URL: https://new.express.adobe.com/webpage/Dr74AxtXcmBVZ
Title: Partners

Search URL Search Domain Scan URL

URL: http://springfield-thunderbirds6.mybigcommerce.com/
Title: Store

Search URL Search Domain Scan URL

URL: http://springfield-thunderbirds6.mybigcommerce.com/jerseys/
Title: Jerseys

Search URL Search Domain Scan URL

URL: http://springfield-thunderbirds6.mybigcommerce.com/hats/
Title: Hats

Search URL Search Domain Scan URL

URL: http://springfield-thunderbirds6.mybigcommerce.com/kids/
Title: Kids

Search URL Search Domain Scan URL

URL: http://springfield-thunderbirds6.mybigcommerce.com/novelty/
Title: Souvenirs

Search URL Search Domain Scan URL

URL: http://springfield-thunderbirds6.mybigcommerce.com/springfield-ice-o-topes/

Search URL Search Domain Scan URL

URL: http://springfield-thunderbirds6.mybigcommerce.com/jersey-raffles/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/thunderbirdsahl
Title: Facebook

Search URL Search Domain Scan URL

URL: http://www.twitter.com/thunderbirdsahl
Title: Twitter

Search URL Search Domain Scan URL

URL: http://www.instagram.com/ThunderbirdsAHL
Title: Instagram

Search URL Search Domain Scan URL

URL: https://youtube.com/springfieldthunderbirds
Title: YouTube

Search URL Search Domain Scan URL

URL: http://www.carbonhouse.com/
Title: a carbonhouse experience

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://theahl.com/HFD-network-bar-p137883 HTTP 301
https://theahl.com/ahl-internet-network-sept1-23.js

Request Chain 52

https://analytics.formstack.com/js/fsa.js HTTP 301
https://formstack.com/js/fsa.js

Request Chain 54

https://9504465.fls.doubleclick.net/activityi;src=9504465;type=invmedia;cat=dbm_s0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5768838020648.593 HTTP 302
https://9504465.fls.doubleclick.net/activityi;dc_pre=CM7-0by80YQDFVgJogMdwMYDyw;src=9504465;type=invmedia;cat=dbm_s0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5768838020648.593

Request Chain 56

https://9504465.fls.doubleclick.net/activityi;src=9504465;type=invmedia;cat=dbm_m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=6294116026641.907 HTTP 302
https://9504465.fls.doubleclick.net/activityi;dc_pre=CLH-0by80YQDFVgRogMdA_YNmQ;src=9504465;type=invmedia;cat=dbm_m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=6294116026641.907

114 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request napoleon-dynamite-vip-package Show response
www.springfieldthunderbirds.com/tickets/ 86 KB
16 KB 154ms
94ms Document
text/html 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b363b6d790753d0a2cad32ca9abaa02bdae8fede600c2dcebc69eddc67bf18bb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 11
cache-control: max-age=15
content-encoding: gzip
content-length: 16354
content-type: text/html; charset=UTF-8
date: Thu, 29 Feb 2024 21:16:57 GMT
expires: Thu, 29 Feb 2024 21:17:01 GMT
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, MISS
x-cache-hits: 1, 0
x-device-type: default
x-microcachable: 1
x-microcache-status: EXPIRED
x-request-time: 330
x-served-by: cache-iad-kiad7000164-IAD, cache-fra-etou8220127-FRA
x-server: prod05use1cw07
x-translation: engUS

GET
H2 200 style.css
www.springfieldthunderbirds.com/assets-team-scaffold/production/417bdb9b04/css/ 304 KB
41 KB 20ms
17ms Stylesheet
text/css 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfieldthunderbirds.com/assets-team-scaffold/production/417bdb9b04/css/style.css
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3617e53a3883567eb02bbc7353c159f3e3ec69cd253c43ac7d7616107e0df505

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 29 Feb 2024 21:16:57 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 21 Oct 2021 18:43:01 GMT
age: 2554124
etag: W/"6171b4b5-4c032"
x-cache: HIT
content-type: text/css
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
content-length: 42233
x-served-by: cache-fra-etou8220127-FRA

GET
H2 200 style.css
www.springfieldthunderbirds.com/assets/production/2c60037f63//css/ 8 KB
2 KB 13ms
11ms Stylesheet
text/css 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfieldthunderbirds.com/assets/production/2c60037f63//css/style.css
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4eb9b5ae111fbd1f535f2db491c14cf265a066bda69a5b005cf688a77c1e9333

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 29 Feb 2024 21:16:57 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 12 Feb 2024 18:00:14 GMT
age: 653390
etag: W/"65ca5cae-1f11"
x-cache: HIT
content-type: text/css
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
content-length: 1963
x-served-by: cache-fra-etou8220127-FRA

GET
H2 200 modernizr-1.6.min.js Show response
www.springfieldthunderbirds.com/assets/production/2c60037f63//js/libs/ 9 KB
4 KB 16ms
13ms Script
application/x-javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfieldthunderbirds.com/assets/production/2c60037f63//js/libs/modernizr-1.6.min.js
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2d342820f36b15f0337e8d1dd335cd72e4913c5b69f304c01ddc29eaea9110b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 29 Feb 2024 21:16:57 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 12 Feb 2024 18:00:14 GMT
age: 505333
etag: W/"65ca5cae-255b"
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
content-length: 3717
x-served-by: cache-fra-etou8220127-FRA

GET
H2 200 minimalist.css
releases.flowplayer.org/5.5.0/skin/ 23 KB
4 KB 87ms
14ms Stylesheet
text/css 18.65.39.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://releases.flowplayer.org/5.5.0/skin/minimalist.css
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-119.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d035bcba2713ea2688b7c8a53b43d130a71c5e018c460aa9fa4eaeee00f6b8ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 10:22:53 GMT
content-encoding: br
via: 1.1 ca1ae3b3ff3d7a9e41b26e307972401e.cloudfront.net (CloudFront)
last-modified: Tue, 26 Aug 2014 08:08:40 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 56272
etag: W/"00b5d25ce9d15558ecc33e7cdcb74641"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 9aD6O4U0YU1Qp5LqQCkZ6B2ae4sY4U5Vgh5ZyLIX6sw-uBAc35zbSA==

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 23 KB
6 KB 38ms
14ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 632, 617, 617
age: 10350094
cdn-cachedat: 2021-06-08 21:08:57
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 85d3ee6b585071b2-FRA
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 3 KB
990 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700:latin

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 21:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 21:16:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 21:16:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
729 B 46ms
22ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700:latin

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 21:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 21:16:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 21:16:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
649 B 50ms
26ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:300,400,700:latin

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

593e8ba0015655cfca47b977edae4b59e4568d4674d4309922c50fc9464fb70e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 21:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 21:16:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 21:16:57 GMT

GET
H2 200 jquery-ui-1.10.1.custom.min.css
www.springfieldthunderbirds.com/assets-showtime/production/af7301c9b0/css/jquery-ui-1.10.1/smoothness/ 15 KB
3 KB 14ms
13ms Stylesheet
text/css 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfieldthunderbirds.com/assets-showtime/production/af7301c9b0/css/jquery-ui-1.10.1/smoothness/jquery-ui-1.10.1.custom.min.css
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1c9ccad1729588a4eaa1db4b1c944badeb8a6e42836866c3c0dd93b24b62ecc5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 29 Feb 2024 21:16:57 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Feb 2024 15:31:01 GMT
age: 508165
etag: W/"65d768b5-3dc6"
x-cache: HIT
content-type: text/css
cache-control: max-age=315360000
x-server: prod05use1cw08
accept-ranges: bytes
content-length: 3005
x-served-by: cache-fra-etou8220127-FRA

GET
H2 200 colorpicker.css
www.springfieldthunderbirds.com/assets-showtime/production/af7301c9b0/css/jquery-ui-1.10.1/smoothness/ 3 KB
851 B 14ms
13ms Stylesheet
text/css 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfieldthunderbirds.com/assets-showtime/production/af7301c9b0/css/jquery-ui-1.10.1/smoothness/colorpicker.css
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7230b8256c743518177181b79f6fedd5d9dfad1301fa060c260f10b61e365fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 29 Feb 2024 21:16:57 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 22 Feb 2024 15:31:00 GMT
age: 494643
etag: W/"65d768b4-d1d"
x-cache: HIT
content-type: text/css
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
content-length: 769
x-served-by: cache-fra-etou8220127-FRA

GET
H2

200

ahl-internet-network-sept1-23.js Show response
theahl.com/
Redirect Chain

https://theahl.com/HFD-network-bar-p137883
https://theahl.com/ahl-internet-network-sept1-23.js

7 KB
2 KB

115ms
115ms

Script
application/javascript

34.66.84.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://theahl.com/ahl-internet-network-sept1-23.js
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Server: 34.66.84.194 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.84.66.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 717bd1c2cecc0fa9f9a5d0550d8f0fd73ab62dbc58514bf77fbdfc68eb62b267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:58 GMT
content-encoding: br
last-modified: Fri, 01 Sep 2023 13:45:05 GMT
server: nginx
etag: W/"64f1eae1-1b5d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

Redirect headers

location: https://theahl.com/ahl-internet-network-sept1-23.js
date: Thu, 29 Feb 2024 21:16:58 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H2 200 ezgif.com-optimize-1-104422dd94.gif
www.springfieldthunderbirds.com/assets/img/ 2 MB
2 MB 25ms
24ms Image
image/gif 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/ezgif.com-optimize-1-104422dd94.gif
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 104422dd94592462fa321dc7cab33ea9f68c00faad5a785eb2a82f0682ce013d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Thu, 19 Oct 2028 18:07:01 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Thu, 19 Oct 2028 18:07:01 GMT
fastly-io-served-by: img03-europe-west3
x-amz-request-id: F98RJKPPCTNTPHFT
x-amz-server-side-encryption: AES256
age: 1279821
x-cache: HIT
fastly-io-info: ifsz=2584823 idim=988x64 ifmt=gif ofsz=2584823 odim=988x64 ofmt=gif ofrm=940
fastly-stats: io=1
content-length: 2584823
x-amz-id-2: faSy5H71d2KGQzfATG37Q7qnEjlECX8aIo1nl0mvF1jQNn+YFPDUe0GbXnV5Yk3scv2YyO+Dock=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "vgOxnrinaK07mU12AMfW6OvAR/2SxuJFg0wCSRhSHt0"
content-type: image/gif
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2425-Membership-380x320-1-min-b11d3202cd.png
www.springfieldthunderbirds.com/assets/img/ 46 KB
47 KB 18ms
18ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2425-Membership-380x320-1-min-b11d3202cd.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0684eb3566a8ef944c4d25b51abe064b2c1f1526f8edff73e2a992e4049c2749

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Fri, 09 Feb 2029 16:19:28 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Fri, 09 Feb 2029 16:19:28 GMT
fastly-io-served-by: img05-europe-west3
x-amz-request-id: RCSD2E10Q9HW5DYP
x-amz-server-side-encryption: AES256
age: 629503
x-cache: HIT
fastly-io-info: ifsz=47317 idim=380x320 ifmt=png ofsz=47200 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 47200
x-amz-id-2: H59Br1jdzx33rfo9wB8zOdGFkhXT4LpNeME/QRsEt7gxsNUGUmjIVNAx73wdMnEv68fCnp1p3lM=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "dWEhvKenEyq7ObO09TaFYQTsxUDbY6qVXbMkB6uG3hc"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324-Pink-in-the-Rink-380x320-min-faa8e3b9a1.png
www.springfieldthunderbirds.com/assets/img/ 62 KB
62 KB 18ms
18ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324-Pink-in-the-Rink-380x320-min-faa8e3b9a1.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6de4ee951e0efd5c0c09dc1afd39ee187a3ad0ae947a6b454d93849a6212e142

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Wed, 21 Feb 2029 17:06:40 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Wed, 21 Feb 2029 17:06:40 GMT
fastly-io-served-by: img01-europe-west3
x-amz-request-id: KM3VB5ZWJAKSR8F7
x-amz-server-side-encryption: AES256
age: 353452
x-cache: HIT
fastly-io-info: ifsz=63138 idim=380x320 ifmt=png ofsz=63021 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 63021
x-amz-id-2: kAi9eK8ErhhuEi37GM/sa5l/7q/JY4eg3FOoidhCrIoFVAFDF/mPDw1BhsFmsCMAKUtBdILMq1k=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "bOrWoqH7MP6mfGv2R/C1JVe0penMlrpGhfqPGtUDFzI"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw05
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324-napolion-dynamite-v-SYR-380x320-ef1d4283a8.png
www.springfieldthunderbirds.com/assets/img/ 236 KB
237 KB 28ms
25ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324-napolion-dynamite-v-SYR-380x320-ef1d4283a8.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 58fdc3c35db6874eb3b676a6ba95b4a3a072d7a67e4ee18a01db37dfdfdfb2d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Wed, 28 Feb 2029 20:47:14 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Wed, 28 Feb 2029 20:47:14 GMT
fastly-io-served-by: img12-europe-west3
x-amz-request-id: JH7FDQ94PP119ZNC
x-amz-server-side-encryption: AES256
age: 78461
x-cache: HIT
fastly-io-info: ifsz=242233 idim=380x320 ifmt=png ofsz=242116 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 242116
x-amz-id-2: a/nmhdo3uVYmXjP3hKWHgg3bawQqsPQvAky+OZlBvBVyz2dUgaCexrAN+USffw+tJghSu20LCaE=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: MISS
etag: "NSa1ffjMHYhrrEAaM1qXurFapiv8apRlqezthOKosWE"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw08
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324_GroupTickets_380x320-1876f1626b.png
www.springfieldthunderbirds.com/assets/img/ 162 KB
163 KB 12ms
10ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324_GroupTickets_380x320-1876f1626b.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dc08e320f23a27298f57a7f9f760653d973489de7cd04cfa6ed4f06d63ec92f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Mon, 10 Jul 2028 16:47:26 GMT
fastly-io-served-by: img07-europe-west3
x-amz-request-id: TCS7GNDREBGDH5V5
x-amz-server-side-encryption: AES256
age: 1279820
x-cache: HIT
fastly-io-info: ifsz=166483 idim=380x320 ifmt=png ofsz=166366 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 166366
x-amz-id-2: sCvfTm6x6TZGemeFC0UFyDbGLJ1Tk7aek5AH6ghT5aS/o2mOhlYTgqLJ9w4EH3fZFDzTyzko5hF8kpeQE4LXoA==
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "H8zJ/v2wLuhZ25UGniB//o5MEgaPzJkoE93g1k0nCbA"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324_ENEWS_380x320-30ba162791.png
www.springfieldthunderbirds.com/assets/img/ 151 KB
151 KB 15ms
11ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324_ENEWS_380x320-30ba162791.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fcfbbd68b0465ff5ab1bd0c9993f4fbdd9c140a271fe7ca6c7fbc3521096bf19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-request-id: 7MB2CTHRQ3XMPX8B
age: 648333
x-amz-server-side-encryption: AES256
x-cache: HIT
fastly-io-info: ifsz=154648 idim=380x320 ifmt=png ofsz=154531 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 154531
x-amz-id-2: rpGmTkLxSC1S7OEKX6qT8JWwRqwlRsMSnyl5lm+G7LUbY5+TSTtY9DlY5x2lV8UEhwvmXC4O0gqb7lM7P7VOvl9HTqO/301W
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "w+hQw5E6u5Q2icvh7c2l4Wg0PzfcDFlEXGhUpy36p20"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw02
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324_SocialMediaHub_380x320-12a0f60d3f.png
www.springfieldthunderbirds.com/assets/img/ 164 KB
164 KB 48ms
44ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324_SocialMediaHub_380x320-12a0f60d3f.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b6426078f8c9f5dfee7b141c2e3a636f30d11bd58889c0c606fbca92927fe640

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-request-id: V60A1QYCNVCQXRZA
age: 679279
x-amz-server-side-encryption: AES256
x-cache: HIT
fastly-io-info: ifsz=167767 idim=380x320 ifmt=png ofsz=167650 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 167650
x-amz-id-2: g+AZ63V/uQaSFrVv4evjhHJ3ltH65doHvMjXCVI/9o/iC5vZj1pS1j7uzJUlmd0pifOJ2lv+XpU=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: MISS
etag: "Gfhh7rC9wkM5wOIuoR1q84hoxBaNY5/xYaK+mjhQ1SY"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw02
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 text-alert-380x320-b38e2e8fa7.png
www.springfieldthunderbirds.com/assets/img/ 162 KB
163 KB 18ms
14ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/text-alert-380x320-b38e2e8fa7.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 36116f7a1e7d8be4b89c4729a66a7cc4ea0bfbf1ffed85655c5436b5ad24e997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Wed, 27 Sep 2028 17:06:33 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Wed, 27 Sep 2028 17:06:33 GMT
fastly-io-served-by: img03-europe-west3
x-amz-request-id: 20NFPBGHNEPGY3GT
x-amz-server-side-encryption: AES256
age: 510934
x-cache: HIT
fastly-io-info: ifsz=166452 idim=380x320 ifmt=png ofsz=166335 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 166335
x-amz-id-2: w/taduDLXcP2CKkQHZvv0YBPfetnM0yPgDlrT8OjAaFoCHgWuM1vhlhqtfuyQDkBjUCuUgzP4Wk=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "IE/VFGNqGrzHX925z3ldmOk86YppFGIAs5t2abtQQlA"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw02
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324_5050Raffle_380x320-001a383acf.png
www.springfieldthunderbirds.com/assets/img/ 118 KB
119 KB 16ms
13ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324_5050Raffle_380x320-001a383acf.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c73904980df7a03b86d73f34bfdc249019be1d5d6a41219f9d88686c8cb33a40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-request-id: YRS27747Z1KPGTV0
age: 667375
x-amz-server-side-encryption: AES256
x-cache: HIT
fastly-io-info: ifsz=121195 idim=380x320 ifmt=png ofsz=121078 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 121078
x-amz-id-2: Wft+/apxZt6+P3mYjc7MnGtZI0aIzEmk1dwjqfIQhYSdTIbvaaXwvMKHCU8v6M4t0ulgWnV9xoQ=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "UYR3qSSqPbQREHD9qrCoc5BL+czfyT9A8jDVLjGSFTg"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324_foundation_380x320-f443631605.png
www.springfieldthunderbirds.com/assets/img/ 157 KB
158 KB 18ms
15ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324_foundation_380x320-f443631605.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d1f33f04cb8dbd8faacd723e0b854477e452e7724b46842fe4a2c98ed3ab9063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Mon, 10 Jul 2028 16:47:26 GMT
fastly-io-served-by: img06-europe-west3
x-amz-request-id: 55VRFA9C1QB4FSZM
x-amz-server-side-encryption: AES256
age: 118140
x-cache: HIT
fastly-io-info: ifsz=161132 idim=380x320 ifmt=png ofsz=161015 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 161015
x-amz-id-2: UvP1x8mFUl8Kh7BaOAaGEkv6293GRMvd6jFLUFyDKN11Gm3KeZOdM123JeuPrJ2s/u9ZY1z307o=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "o3VTB8sPo0Vf+EEZIv3d5Q5RD4jU4eV2aMV6rA7YU+g"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324_BoomerRequest_380x320-c18a5a1ffb.png
www.springfieldthunderbirds.com/assets/img/ 128 KB
128 KB 22ms
19ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324_BoomerRequest_380x320-c18a5a1ffb.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 35d90bcf1feffdc2cb48bfee468d6a335c372ab972b13d14894cab8832487388

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Mon, 10 Jul 2028 16:47:26 GMT
fastly-io-served-by: img06-europe-west3
x-amz-request-id: 701FD2QAXRWM42AD
x-amz-server-side-encryption: AES256
age: 2647987
x-cache: HIT
fastly-io-info: ifsz=130795 idim=380x320 ifmt=png ofsz=130678 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 130678
x-amz-id-2: 9WXgOjVVT9xZK69ZAcOv0V80GQ9uGfjl0B5MBqSjym6oJisrtqF2GzFI5n5vojESjfLIy9OFtKE=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "NPWjy6zAlYGjG8xWOFGv1ZQUs+4EPRP79QdRsEqSWLM"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324_DonationRequest_380x320-a711d4fd75.png
www.springfieldthunderbirds.com/assets/img/ 81 KB
82 KB 14ms
11ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324_DonationRequest_380x320-a711d4fd75.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 051826119046a87a09a9cdfea5456641e598b89113c28a4ea8150f1905c9e430

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Mon, 10 Jul 2028 16:47:26 GMT
fastly-io-served-by: img03-europe-west3
x-amz-request-id: BBDQJEEYM3C9V44X
x-amz-server-side-encryption: AES256
age: 653389
x-cache: HIT
fastly-io-info: ifsz=83226 idim=380x320 ifmt=png ofsz=83109 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 83109
x-amz-id-2: VxQWZtp60At9EAWZaIm38CCoXqmfszajTfky5cl6CINJ8m1WpHMmY5EGbUzWXEBcdXgIhvMy5Gs=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: MISS
etag: "VzB4uvq3qDlmXSM5ffZSEL4DpcPdeuBCyB2GQIPnGLc"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw05
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324_BreakawayLounge_380x320-40ed121bc0.png
www.springfieldthunderbirds.com/assets/img/ 163 KB
163 KB 41ms
38ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324_BreakawayLounge_380x320-40ed121bc0.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2ca1a7143d92ada5089eff6a476e57a0884707d90ddc9b4683e458cd86f983ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-request-id: 27670B76A7C1XT9W
age: 571183
x-amz-server-side-encryption: AES256
x-cache: HIT
fastly-io-info: ifsz=166986 idim=380x320 ifmt=png ofsz=166869 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 166869
x-amz-id-2: eCEIjUg2W3044Ae06hqjSt6V7gHW+YepZdH8tmM59EaC/OtuWNWqwUQgb3AE5M7czLxcHHJSuIthPxUI/qClQg==
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "qZmVcA6Wf9YkOcVYhACmKiUupe/V87g86A8+nxlHpTI"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324_PartySuite_380x320-8b720bdecf.png
www.springfieldthunderbirds.com/assets/img/ 151 KB
151 KB 21ms
18ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324_PartySuite_380x320-8b720bdecf.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4e49bb62fe2789574bf438a573292a9b19b2e00df6e19ef8812a8b517a2367ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 10 Jul 2028 16:47:27 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Mon, 10 Jul 2028 16:47:27 GMT
fastly-io-served-by: img02-europe-west3
x-amz-request-id: 6S0FV4Y0ZSHCY4AK
x-amz-server-side-encryption: AES256
age: 2641157
x-cache: HIT
fastly-io-info: ifsz=154523 idim=380x320 ifmt=png ofsz=154406 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 154406
x-amz-id-2: seELtmm4tbonSnUXF0TayGwHHFEcNyTgg3dc+Z11uuqrNlRFk6g2+h4j8bzC9UkhgrOwb/Cu4lo=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "sQiz3bECY+lONWBDkt3cYDdLXLpu79NOmAsoQHyCB3I"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw02
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324_Perch_380x320-2f3fede6b7.png
www.springfieldthunderbirds.com/assets/img/ 151 KB
152 KB 24ms
21ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324_Perch_380x320-2f3fede6b7.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 907f5ff24e3732dbeeef45be6c5291ce27c7aa1d754f88c82da8aa4ab9396fd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Mon, 10 Jul 2028 16:47:26 GMT
fastly-io-served-by: img01-europe-west3
x-amz-request-id: D7AA8AGNWVX9GZ50
x-amz-server-side-encryption: AES256
age: 2647987
x-cache: HIT
fastly-io-info: ifsz=155156 idim=380x320 ifmt=png ofsz=155039 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 155039
x-amz-id-2: Ti6QduJLdfhNamfZ4jqSwJtZ5Sf4g+mPx3DCqpVpDVaiDtBVXheXTpa59KffRU+7k/OtPEs62DQ=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "mJ8pJ7FkZwy799JKAlJ0O3ERkxyE2NhNCP9VNFi1EBQ"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324_TeamStore_380x320-61a9c0de6c.png
www.springfieldthunderbirds.com/assets/img/ 144 KB
145 KB 40ms
37ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324_TeamStore_380x320-61a9c0de6c.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 45eb5b3fe501d157cc22cffd523d4194dbeaa4ecc95491f5ea5a7f6658801aa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Mon, 10 Jul 2028 16:47:26 GMT
fastly-io-served-by: img06-europe-west3
x-amz-request-id: C70SWSQQ4Z777P83
x-amz-server-side-encryption: AES256
age: 2573053
x-cache: HIT
fastly-io-info: ifsz=147940 idim=380x320 ifmt=png ofsz=147823 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 147823
x-amz-id-2: ncA3p27UN1WNVUlvnWllyBWkqRuEAiVRAYHi9Bt1UMEUMykHVAy7GIY/vD4HWDnSlFWmbWDmXb8=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "WXdQO9rZ6kV0RaFY1Cn+eLN4aBfQwK4xNM7NL+tNjqQ"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324_TopesGear_380x320-078e27b65d.png
www.springfieldthunderbirds.com/assets/img/ 159 KB
160 KB 42ms
40ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324_TopesGear_380x320-078e27b65d.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 89ce0cd9e50f398d011ee1fe6b4f13c4a5b9999a700ba0082eb1869d0d92c87d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Mon, 10 Jul 2028 16:47:26 GMT
fastly-io-served-by: img02-europe-west3
x-amz-request-id: F5MYDYGMTQDN5F13
x-amz-server-side-encryption: AES256
age: 2488512
x-cache: HIT
fastly-io-info: ifsz=163437 idim=380x320 ifmt=png ofsz=163320 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 163320
x-amz-id-2: L6HtK0MEq9WdQ0ATysCK5s7iwjWNvubctFc77wOl03Zbd0nri/RPaWPfGAGIsNLaUK0ktQhWAP4=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "i84bulAa1x+ZLhyaTV1xpfx4xtn0X0Mc1LX8eSgx1Fs"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324_jerseyRaffle_380x320-72e5cd8788.png
www.springfieldthunderbirds.com/assets/img/ 79 KB
79 KB 45ms
43ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324_jerseyRaffle_380x320-72e5cd8788.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b3a1dbe475d36dc7eefc3af9511833d22541a8f510ba5acae8ac6d39ffc4e8ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 10 Jul 2028 16:47:26 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Mon, 10 Jul 2028 16:47:26 GMT
fastly-io-served-by: img06-europe-west3
x-amz-request-id: 2MT9402X1EASNX3J
x-amz-server-side-encryption: AES256
age: 130727
x-cache: HIT
fastly-io-info: ifsz=80546 idim=380x320 ifmt=png ofsz=80429 odim=380x320 ofmt=png
fastly-stats: io=1
content-length: 80429
x-amz-id-2: kvuzAixPJOUEWo2edScaYMHI4RfW85aVaXNIFBtgmNhsRIUgnHPPRJ1Al8dmVseYvPbVRC/VlLE=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "atoq+39wxBDyjVt9hnLj10E/hMV1Z4ZMNpBlnd5yNtA"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 2324-napolion-dynamite-v-SYR-1080x1080-ffb64d5816.png
www.springfieldthunderbirds.com/assets/img/ 2 MB
2 MB 49ms
47ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324-napolion-dynamite-v-SYR-1080x1080-ffb64d5816.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3740f1b86b9b72a085923d972db5254b596f535902077f8ab27183618650de5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Wed, 28 Feb 2029 20:30:52 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
x-amz-meta-expires: Wed, 28 Feb 2029 20:30:52 GMT
fastly-io-served-by: img09-europe-west3
x-amz-request-id: KF410AASPNPMQ7A9
x-amz-server-side-encryption: AES256
age: 78460
x-cache: HIT
fastly-io-info: ifsz=1737218 idim=1080x1080 ifmt=png ofsz=1737101 odim=1080x1080 ofmt=png
fastly-stats: io=1
content-length: 1737101
x-amz-id-2: etUkye/6MIX3HN7MpJWyhCfvlNl0rYgEXYfC/R4NdXvWp/PVnsPWFY9/CpaKhaNEMZ7ZcUXShOA=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "FBMkHEmsLKLhtXrhkmkG6SJhsNQpQPADEaF6hKjSO/w"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw02
accept-ranges: bytes
x-cache-hits: 1

GET
H2 404 b=58100480
bcp.crwdcntrl.net/5/c=931/ 49 B
266 B 169ms
32ms Image
image/gif 63.35.74.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/c=931/b=58100480
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.74.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-74-224.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:16:57 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.27.113
content-length: 49
expires: 0

GET
H2 404 b=34063802
bcp.crwdcntrl.net/5/c=931/ 49 B
264 B 170ms
33ms Image
image/gif 63.35.74.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/c=931/b=34063802
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.74.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-74-224.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:16:57 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.0.73
content-length: 49
expires: 0

GET
H2 200 fevo.js Show response
offer.fevo.com/js/ 111 KB
36 KB 319ms
95ms Script
application/javascript 54.164.119.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://offer.fevo.com/js/fevo.js

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.164.119.223 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-119-223.compute-1.amazonaws.com

Software

Resource Hash

945ab319c9f3787b68084196c41b9a97f5962c0ebe394ecb6f7b1d1fbfefa180

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:57 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 23 Oct 2023 14:31:21 GMT
etag: W/"1ba8f-18b5cf28aa8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: must-revalidate, max-age=60s

GET
H2 200 require.min.js Show response
www.springfieldthunderbirds.com/assets/production/2c60037f63//js/libs/ 15 KB
6 KB 8ms
8ms Script
application/x-javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfieldthunderbirds.com/assets/production/2c60037f63//js/libs/require.min.js
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9b935bda7709001067d9f40d0b008cb0c56170776245f4ff90c77156980ff5e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 29 Feb 2024 21:16:57 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 12 Feb 2024 18:00:14 GMT
age: 642201
etag: W/"65ca5cae-3a9d"
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
content-length: 6157
x-served-by: cache-fra-etou8220127-FRA

GET
H2 200 print.css
www.springfieldthunderbirds.com/assets/production/2c60037f63//css/ 0
123 B 50ms
48ms Stylesheet
text/css 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfieldthunderbirds.com/assets/production/2c60037f63//css/print.css
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 29 Feb 2024 21:16:57 GMT
via: 1.1 varnish
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 12 Feb 2024 18:00:14 GMT
age: 153693
etag: "65ca5cae-0"
x-cache: HIT
content-type: text/css
cache-control: max-age=315360000
x-server: prod05use1cw08
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra-etou8220127-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 193 KB
70 KB 77ms
39ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Z39WN6

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bcf50568094fee53b23ac76c2619c488f6c09290f45abcec5029b6bd3143280b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71647
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Feb 2024 21:16:57 GMT

GET
H2 200 a5app.js Show response
alive5.com/js/ 9 KB
4 KB 55ms
12ms Script
text/javascript 108.138.36.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/js/a5app.js

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-120.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f7f0c5a1935f218b30343d82f6b57259ecf294880c4dbb9479c2803b043135ad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:12:28 GMT
content-encoding: gzip
via: 1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
x-amz-version-id: laYNKk7Gij9DB9KOwCJL5BiLpI2tmEAN
content-security-policy: frame-ancestors *
x-amz-cf-pop: MUC50-P2
age: 57870
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 3948
last-modified: Thu, 29 Feb 2024 05:12:14 GMT
server: AmazonS3
etag: "fd1114a03f0fc1ddea199b620206ffe6"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: 5EulD6zCctmEgEYth-fUF0va9dXCFYsOqz09mngampRtP0HzkiEajw==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 39ms
8ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700:latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.springfieldthunderbirds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:48:58 GMT
x-content-type-options: nosniff
age: 217679
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:48:58 GMT

GET
H2 200 widget-min.js Show response
alive5.com/js/ 39 KB
12 KB 16ms
16ms Script
text/javascript 108.138.36.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/js/widget-min.js?s=1709183508135

Requested by

Host: alive5.com
URL: https://alive5.com/js/a5app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-120.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

9832893c2ccaef3e10bdf9abb43b6281bff5971ec6fd69d4eea958b48803db7d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:12:30 GMT
content-encoding: gzip
via: 1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
x-amz-version-id: PUtU4ZfBZSeeZ24SKZ4ZU7yZ6m2X.EBW
content-security-policy: frame-ancestors *
x-amz-cf-pop: MUC50-P2
age: 57868
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 12174
last-modified: Thu, 29 Feb 2024 05:12:15 GMT
server: AmazonS3
etag: "3b86bf8d51cf589d79d126a10e59029c"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: IwM-6iqZKI15vON5BAZULPcFl6jHJoUXkCxUzpgu1pxkypM2XXehFg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 251 KB
87 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-THWC32H9FP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z39WN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a8517debadac87d731c9237874a1a86704cd3fbb08d1ad9455e7d2f7a6fda38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89178
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Feb 2024 21:16:57 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 282 KB
94 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R8S9EL1XEX&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z39WN6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

379b9514ec684415c496828660cd7e54dd3f008a05b006bb57591fd9ea2114a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95964
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Feb 2024 21:16:57 GMT

GET
H2 200 widget.bundle.css
alive5.com/css/ 38 KB
5 KB 9ms
8ms Stylesheet
text/css 108.138.36.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/css/widget.bundle.css

Requested by

Host: alive5.com
URL: https://alive5.com/js/widget-min.js?s=1709183508135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-120.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b8ab91ca93b7b2d9375561994ab2b0d361c6825f327f723fba09ec621102a69e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:12:31 GMT
content-encoding: gzip
via: 1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
x-amz-version-id: TF3CBrWpOfpLcADHkb2Azvez8AOEwV2r
content-security-policy: frame-ancestors *
x-amz-cf-pop: MUC50-P2
age: 57867
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 5188
last-modified: Thu, 29 Feb 2024 05:12:15 GMT
server: AmazonS3
etag: "437e07a2a1723f183e7572d20b2b3b0f"
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: UizU0i1dv1nzSkS4tvICodSfgW6vqHuWwaZp0Pllx8dX9D6wXCnPdQ==

GET
H2 200 get-by-widget-id Show response
api-v2.alive5.com/1.0/widget-code/ 3 KB
2 KB 623ms
372ms XHR
application/json 54.87.156.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-v2.alive5.com/1.0/widget-code/get-by-widget-id?id=237c6906-adcd-4d4b-8f90-f4806bc28686

Requested by

Host: alive5.com
URL: https://alive5.com/js/widget-min.js?s=1709183508135

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.156.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-156-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

fd8c92f456f31f26c99476bf6c1f2c3dc9cd72529efbaf645bb1a30037cbfe26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.springfieldthunderbirds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 29 Feb 2024 21:16:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
server: nginx
etag: W/"bf6-9HGvDrl7RGDcM4Jt4WJDr5ODvTs"
x-download-options: noopen
vary: Origin, Accept-Encoding
x-dns-prefetch-control: off
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.springfieldthunderbirds.com
access-control-expose-headers: Authorization,X-A5-APIKEY
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 1 KB
538 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans&display=swap

Requested by

Host: alive5.com
URL: https://alive5.com/css/widget.bundle.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d48c84fa4a7964d280a9a9226abe5baaf2058d438dc3890b94aeb768298f484e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alive5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 21:16:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 21:16:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 21:16:57 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
266 B 35ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-THWC32H9FP&gtm=45je42q1v885217252z8867308271za220&_p=1709241417507&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=572602347.1709241418&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709241417&sct=1&seg=0&dl=https%3A%2F%2Fwww.springfieldthunderbirds.com%2Ftickets%2Fnapoleon-dynamite-vip-package&dt=Napoleon%20Dynamite%20VIP%20Package%20%7C%20Springfield%20Thunderbirds&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=477
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-THWC32H9FP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:16:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.springfieldthunderbirds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
266 B 58ms
19ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-THWC32H9FP&cid=572602347.1709241418&gtm=45je42q1v885217252z8867308271za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-THWC32H9FP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:16:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.springfieldthunderbirds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 56ms
34ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-THWC32H9FP&cid=572602347.1709241418&gtm=45je42q1v885217252z8867308271za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=124025356

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:16:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 14ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-R8S9EL1XEX&gtm=45je42q1v9163749276z8867308271za200&_p=1709241417507&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=572602347.1709241418&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709241417&sct=1&seg=0&dl=https%3A%2F%2Fwww.springfieldthunderbirds.com%2Ftickets%2Fnapoleon-dynamite-vip-package&dt=Napoleon%20Dynamite%20VIP%20Package%20%7C%20Springfield%20Thunderbirds&en=page_view&_fv=1&_ss=1&tfd=503
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R8S9EL1XEX&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:16:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.springfieldthunderbirds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: theahl.com
URL: https://theahl.com/HFD-network-bar-p137883

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Feb 2024 19:32:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6295
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 29 Feb 2024 21:32:03 GMT

GET
H2 200 network_160615.png
theahl.com/hockeytech/images/ 15 KB
16 KB 266ms
265ms Image
image/png 34.66.84.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theahl.com/hockeytech/images/network_160615.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.66.84.194 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.84.66.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 74538ac3f6e95c70fcf5d93265cb90064e29bb6a37bb7eefb4fb8e899ed9df9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:58 GMT
last-modified: Thu, 15 Aug 2019 04:05:02 GMT
server: nginx
etag: "5d54d9ee-3d57"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 15703

GET
H2 200 ahltv-watch-live-2023.jpg
theahl.com/ 22 KB
22 KB 160ms
160ms Image
image/jpeg 34.66.84.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theahl.com/ahltv-watch-live-2023.jpg
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.66.84.194 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.84.66.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1347cafe9eb2edf224e1effeb87b34863f43b971a59dec73aee59f9ef1d75db3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:58 GMT
last-modified: Fri, 01 Sep 2023 13:39:11 GMT
server: nginx
etag: "64f1e97f-56ec"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 22252

GET
H2 200 napoleonvip2024 Show response
springfieldthunderbirds.formstack.com/forms/ Frame B5FF 31 KB
32 KB 487ms
433ms Document
text/html 99.84.88.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://springfieldthunderbirds.formstack.com/forms/napoleonvip2024

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-127.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

22c865270aca5c49eaaf3ee70ebed45ebd58f7c3541dd3cd1f5a2145b850874c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.springfieldthunderbirds.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=5 public
content-type: text/html; charset=UTF-8
date: Thu, 29 Feb 2024 21:16:58 GMT
expires: Thu, 29 Feb 2024 21:17:03 GMT
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: CloudFront
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 72818776d4abe4e5a732c084dae83f1a.cloudfront.net (CloudFront)
x-amz-cf-id: 1xmwQ5qW6T46tiHGAh1dw08_3n2rg7LL8QYiDdGftQCS-6iChM4Hdg==
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff

GET
H2

200

fsa.js Show response
formstack.com/js/
Redirect Chain

https://analytics.formstack.com/js/fsa.js
https://formstack.com/js/fsa.js

54 KB
13 KB

25ms
18ms

Script
application/javascript

99.84.88.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://formstack.com/js/fsa.js

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Server

99.84.88.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-127.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

179478bddb718a61355c3f83b9fc32dcb9c22ed470b3c63080475ab78ed9da15

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 13:57:33 GMT
content-encoding: br
via: 1.1 72818776d4abe4e5a732c084dae83f1a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 28 Feb 2024 21:28:07 GMT
server: CloudFront
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 26365
etag: W/"65dfa567-d8a9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: lvDcRqYTaRSNqunggKKRXA611wvxMo0A4ScFnzewJFE8ubyfOgdhrg==

Redirect headers

date: Thu, 29 Feb 2024 19:43:10 GMT
via: 1.1 09dddedbac44fa07d4af5f638358fa8a.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 5629
x-cache: Hit from cloudfront
location: https://formstack.com/js/fsa.js
content-length: 0
x-amz-cf-id: 7nJhkiuiMo7m9QVUIAak-wX02U80T0v5l8jWBq8NL86Y9mlJKX153Q==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 25ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Feb 2024 21:16:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57257
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: sLw5dUSdo5sa2qnEn46HggP7u2Y3aNtTbO9HY4QD1gJOxwFQNdE7s8uax+nqcfUCiv2nF/rK87WZ6AIa66j3dg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CM7-0by80YQDFVgJogMdwMYDyw;src=9504465;type=invmedia;cat=dbm_s0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5768838020648.593 Show response
9504465.fls.doubleclick.net/ Frame 376D
Redirect Chain

https://9504465.fls.doubleclick.net/activityi;src=9504465;type=invmedia;cat=dbm_s0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5768838020648.593?
https://9504465.fls.doubleclick.net/activityi;dc_pre=CM7-0by80YQDFVgJogMdwMYDyw;src=9504465;type=invmedia;cat=dbm_s0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5768838020648....

2 KB
1 KB

44ms
43ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9504465.fls.doubleclick.net/activityi;dc_pre=CM7-0by80YQDFVgJogMdwMYDyw;src=9504465;type=invmedia;cat=dbm_s0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5768838020648.593?

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

d792f478ebe497335eaa0af11fc016cb1e81ef4d03939f13f94afbb1b4f419ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.springfieldthunderbirds.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 923
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 21:16:58 GMT
expires: Thu, 29 Feb 2024 21:16:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 21:16:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9504465.fls.doubleclick.net/activityi;dc_pre=CM7-0by80YQDFVgJogMdwMYDyw;src=9504465;type=invmedia;cat=dbm_s0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5768838020648.593?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 activity;xsp=4508371;ord=1;num=238465934666.11887
pubads.g.doubleclick.net/ 42 B
107 B 100ms
43ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4508371;ord=1;num=238465934666.11887?

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:16:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CLH-0by80YQDFVgRogMdA_YNmQ;src=9504465;type=invmedia;cat=dbm_m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=6294116026641.907 Show response
9504465.fls.doubleclick.net/ Frame E0F7
Redirect Chain

https://9504465.fls.doubleclick.net/activityi;src=9504465;type=invmedia;cat=dbm_m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=6294116026641.907?
https://9504465.fls.doubleclick.net/activityi;dc_pre=CLH-0by80YQDFVgRogMdA_YNmQ;src=9504465;type=invmedia;cat=dbm_m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=62941160...

2 KB
1 KB

45ms
44ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9504465.fls.doubleclick.net/activityi;dc_pre=CLH-0by80YQDFVgRogMdA_YNmQ;src=9504465;type=invmedia;cat=dbm_m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=6294116026641.907?

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

62b6394775c7ca48c62ec17ba9142f8b2f5a3ff3722279498ccbcc7916bcd4e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.springfieldthunderbirds.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 928
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 21:16:58 GMT
expires: Thu, 29 Feb 2024 21:16:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 21:16:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://9504465.fls.doubleclick.net/activityi;dc_pre=CLH-0by80YQDFVgRogMdA_YNmQ;src=9504465;type=invmedia;cat=dbm_m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=6294116026641.907?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 284 KB
95 KB 43ms
42ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-68T7BFQNJK&l=gmDataLayer

Requested by

Host: offer.fevo.com
URL: https://offer.fevo.com/js/fevo.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16c2edc15aaf7516305122ec78cb0e8e33b4591b11a8ae9ac6a989b84b2e2857

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 96774
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Feb 2024 21:16:58 GMT

GET
H2 200 2324_web_head_ico_340x110_transparent-2e52594532.png
www.springfieldthunderbirds.com/assets/img/ 23 KB
23 KB 10ms
10ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.springfieldthunderbirds.com/assets/img/2324_web_head_ico_340x110_transparent-2e52594532.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e714a8a434ae5a8d937a6dca4e5028c2351cd90567d2f61105ac17df2e6f39c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Mon, 10 Jul 2028 17:16:16 GMT
x-amz-meta-cache-control: max-age=315360000
date: Thu, 29 Feb 2024 21:16:58 GMT
via: 1.1 varnish
x-amz-meta-expires: Mon, 10 Jul 2028 17:16:16 GMT
fastly-io-served-by: img06-europe-west3
x-amz-request-id: Z4K0B5P2MERTW3G5
x-amz-server-side-encryption: AES256
age: 54869
x-cache: HIT
fastly-io-info: ifsz=24256 idim=340x110 ifmt=png ofsz=23305 odim=340x110 ofmt=png
fastly-stats: io=1
content-length: 23305
x-amz-id-2: lXpJzMXCq2PaMPPS2eOuoluMbhKHTIxYeBoMr0MAvJdQJuScpEAE9PaW+ClOWi7Vy9alqhY4ANY=
fastly-io-warning: Failed to shrink image
x-served-by: cache-fra-etou8220127-FRA
x-proxycache-status: HIT
etag: "otKqU2sN3fIMdIUMhNgRrmN4NHovGiI7Q9hu1WFQddg"
content-type: image/png
cache-control: max-age=315360000
x-server: prod05use1cw05
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700:latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.springfieldthunderbirds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:00:36 GMT
x-content-type-options: nosniff
age: 216982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:00:36 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700:latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.springfieldthunderbirds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 17:34:04 GMT
x-content-type-options: nosniff
age: 272574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Feb 2025 17:34:04 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 55 KB
56 KB 39ms
19ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin: https://www.springfieldthunderbirds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722
age: 9744155
cdn-cachedat: 08/24/2023 06:28:54
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56780
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "97493d3f11c0a3bd5cbd959f5d19b699"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ff5e430a41d366804e25086797a6eedb
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 85d3ee70a9969195-FRA
cdn-requestpullsuccess: True

GET
H2 200 activity;xsp=4508371;ord=1;num=4846204574891668
pubads.g.doubleclick.net/ 42 B
440 B 81ms
43ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4508371;ord=1;num=4846204574891668?

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:16:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.js Show response
www.springfieldthunderbirds.com/assets/production/2c60037f63//js/ 3 KB
1 KB 8ms
8ms Script
application/x-javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfieldthunderbirds.com/assets/production/2c60037f63//js/main.js
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/assets/production/2c60037f63//js/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c69b3c83c19d3e9d45313630f318a3532d282bc8855e61fb130c8c160f0f6057

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 29 Feb 2024 21:16:58 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 12 Feb 2024 18:00:14 GMT
age: 587943
etag: W/"65ca5cae-a3a"
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
content-length: 987
x-served-by: cache-fra-etou8220127-FRA

GET
H2 200 chat_window_wrap.html Show response
alive5.com/ Frame 4A07 5 KB
2 KB 29ms
29ms Document
text/html 108.138.36.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/chat_window_wrap.html?wid=237c6906-adcd-4d4b-8f90-f4806bc28686

Requested by

Host: alive5.com
URL: https://alive5.com/js/widget-min.js?s=1709183508135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-120.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

b13a05e8dbcb3d4de88e89497f488e02aba24079a7ed0e9cbb12f2c3b5b66647

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

Referer: https://www.springfieldthunderbirds.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 57544
content-encoding: gzip
content-length: 1929
content-security-policy: frame-ancestors *
content-type: text/html
date: Thu, 29 Feb 2024 05:17:54 GMT
etag: "f36cd5a8ae91ddebeb33f812363cabee"
last-modified: Thu, 29 Feb 2024 05:12:12 GMT
server: AmazonS3
via: 1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
x-amz-cf-id: aH_Q3lfNzZboskKmw1OXmRW9hkx9kHHhAGmcLDScxpoUt_f4aWoM2A==
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: wcA2TpgWiIAq54NLR9ah0oLPUZXDjAkw
x-cache: Hit from cloudfront

GET
H2 200 icons.html Show response
alive5.com/ 13 KB
5 KB 25ms
9ms XHR
text/html 108.138.36.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/icons.html

Requested by

Host: alive5.com
URL: https://alive5.com/js/widget-min.js?s=1709183508135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-120.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5e32e36d67d436fa5dc42760c7f99fc41c55709c43137a96a0c572133014170a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:12:32 GMT
content-encoding: gzip
via: 1.1 cdf03e675736c21829fede7b370fd99a.cloudfront.net (CloudFront)
x-amz-version-id: qACz8lEvoVBLM6PnoBM5dZFqPUAhrAu_
content-security-policy: frame-ancestors *
x-amz-cf-pop: MUC50-P2
age: 57867
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4965
last-modified: Thu, 29 Feb 2024 05:12:13 GMT
server: AmazonS3
etag: "c57fece4f277866b237dae4a72870d7d"
access-control-max-age: 30000
access-control-allow-methods: GET, POST, PUT
content-type: text/html
access-control-allow-origin: *
access-control-expose-headers: ETag
accept-ranges: bytes
x-amz-cf-id: co7mX2YR60cjJcpSI95cUTYZ9mMGPnGTOsVva6RM6NOCLnzzO90kUQ==

GET
H2 200 design1-1627410274493.png
files.alive5.com/images/widgets/upload/ 12 KB
12 KB 42ms
8ms Image
image/png 18.173.187.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.alive5.com/images/widgets/upload/design1-1627410274493.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1af9bf68fc8fa81748f021afb78fddb7205e19de6f0e0b19b9704539cf561e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 07:32:54 GMT
x-amz-version-id: 0NgDt2FUTvz6M6hHFyqACl0oss4xC7V0
via: 1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified: Tue, 27 Jul 2021 18:24:35 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 49445
etag: "bb44d7eb88eef708f1589e9758368aa8"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 12285
x-amz-cf-id: 2poWGezTISngB6xyZ9wwMQO8-mb7gSJEB3aHE2ZSzRof3qKAIyLyQg==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
233 B 16ms
13ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=583701463&t=pageview&_s=1&dl=https%3A%2F%2Fwww.springfieldthunderbirds.com%2Ftickets%2Fnapoleon-dynamite-vip-package&ul=en-us&de=UTF-8&dt=Napoleon%20Dynamite%20VIP%20Package%20%7C%20Springfield%20Thunderbirds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IADAAEABAAAAACAAI~&jid=1314162999&gjid=42376924&cid=572602347.1709241418&tid=UA-4396798-14&_gid=2040861305.1709241418&_r=1&_slc=1&z=639184475

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fb13ea77ee80f9ff5416265304bdd1362370ae64875f52067936c5a214edcc83

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.springfieldthunderbirds.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:16:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.springfieldthunderbirds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4A07 1 KB
488 B 19ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans&display=swap

Requested by

Host: alive5.com
URL: https://alive5.com/chat_window_wrap.html?wid=237c6906-adcd-4d4b-8f90-f4806bc28686

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d48c84fa4a7964d280a9a9226abe5baaf2058d438dc3890b94aeb768298f484e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alive5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 21:07:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 21:16:58 GMT

GET
H2 200 chat_window.html Show response
alive5.com/ Frame 9B50 28 KB
9 KB 23ms
23ms Document
text/html 108.138.36.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/chat_window.html?preopen=undefined&wid=237c6906-adcd-4d4b-8f90-f4806bc28686

Requested by

Host: alive5.com
URL: https://alive5.com/chat_window_wrap.html?wid=237c6906-adcd-4d4b-8f90-f4806bc28686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-120.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

e4233d88dfc4c72ee13403141e3a1a45debb83a004bcd57517ffbfad11bbffbb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

Referer: https://alive5.com/chat_window_wrap.html?wid=237c6906-adcd-4d4b-8f90-f4806bc28686
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 57544
content-encoding: gzip
content-length: 8267
content-security-policy: frame-ancestors *
content-type: text/html
date: Thu, 29 Feb 2024 05:17:55 GMT
etag: "542e716afb3419becd0e0faa477f8b2f"
last-modified: Thu, 29 Feb 2024 05:12:12 GMT
server: AmazonS3
via: 1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
x-amz-cf-id: 9xqCwCJa47qRqtQ5BOMj0zl8M0sP8XEhMejg1SC3HDQXVYgltIkSzQ==
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: pGvjLbPdxYW6pmGrW9H9_gqlHfLEX_yc
x-cache: Hit from cloudfront

GET
H2 200 1831433273772228 Show response
connect.facebook.net/signals/config/ 53 KB
11 KB 96ms
96ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1831433273772228?v=2.9.147&r=stable&domain=www.springfieldthunderbirds.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee61f778974fecffb16b268486a89fdde07869c66fc54820ba708a655fa7e564

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Feb 2024 21:16:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: gIW1YPbdVsb4jrXvBKbvWf2ikoo+oLl526RhVmmhqAQyOyDtcF3fvIDIjA2k4PNL0YglhDgfb/yu4qbZxHrHjw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 235 KB
84 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5D69QNBBHF&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e38915c04b3de3c147d589749fe4cb691bbc0ec7b89d72f3771f19a762dfb6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86053
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Feb 2024 21:16:58 GMT

GET
H2 200 chat.bundle.css
alive5.com/css/ Frame 9B50 112 KB
19 KB 10ms
9ms Stylesheet
text/css 108.138.36.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/css/chat.bundle.css

Requested by

Host: alive5.com
URL: https://alive5.com/chat_window.html?preopen=undefined&wid=237c6906-adcd-4d4b-8f90-f4806bc28686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-120.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

68b07f709fce51cceb3186bd7987951c512c6540b5616840401fde1e04d6f75a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alive5.com/chat_window.html?preopen=undefined&wid=237c6906-adcd-4d4b-8f90-f4806bc28686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:12:34 GMT
content-encoding: gzip
via: 1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
x-amz-version-id: jNJGacfqTSirTAFWD6FRWBUoL4Vdzmsm
content-security-policy: frame-ancestors *
x-amz-cf-pop: MUC50-P2
age: 57865
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 18685
last-modified: Thu, 29 Feb 2024 05:12:15 GMT
server: AmazonS3
etag: "f7cd4b13b38b9f53ea0cc35d5b9e5e9d"
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: W3bni7yifLWxC26jLmCizck2cKdfyiL9_6zDNzZX8aXFoJnzbuY9lA==

GET
H3 200 css
fonts.googleapis.com/ Frame 9B50 1 KB
488 B 19ms
19ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans&display=swap

Requested by

Host: alive5.com
URL: https://alive5.com/chat_window.html?preopen=undefined&wid=237c6906-adcd-4d4b-8f90-f4806bc28686

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d48c84fa4a7964d280a9a9226abe5baaf2058d438dc3890b94aeb768298f484e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alive5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 20:54:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 21:16:58 GMT

GET
H2 200 loader.gif
alive5.com/img/ Frame 9B50 3 KB
4 KB 10ms
9ms Image
image/gif 108.138.36.120
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://alive5.com/img/loader.gif

Requested by

Host: alive5.com
URL: https://alive5.com/chat_window.html?preopen=undefined&wid=237c6906-adcd-4d4b-8f90-f4806bc28686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-120.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alive5.com/chat_window.html?preopen=undefined&wid=237c6906-adcd-4d4b-8f90-f4806bc28686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:12:34 GMT
x-amz-version-id: 3Mf9YFtAXh65UiTAW9uvtDN9x64ud7mi
via: 1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
content-security-policy: frame-ancestors *
last-modified: Thu, 29 Feb 2024 05:12:16 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 57865
etag: "be1cede97289c13920048f238fd37b85"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 3208
x-amz-cf-id: EGuJx7ds6A0-ISnQKGkqAordG_ZN5nDJbQ69CW_VHU7fZEWiwZwFKw==

GET
H2 200 ashfaqtest-wicon1544204526155.png
files.alive5.com/images/widgets/upload/ Frame 9B50 1 KB
2 KB 8ms
8ms Image
application/octet-stream 18.173.187.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.alive5.com/images/widgets/upload/ashfaqtest-wicon1544204526155.png
Requested by: Host: alive5.com
URL: https://alive5.com/chat_window.html?preopen=undefined&wid=237c6906-adcd-4d4b-8f90-f4806bc28686
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2e60f36746d4efa38a43a662e146f7ca279803288f2852c14d1137de68002e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alive5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: JEJEiC9HGRttaRlxNnlXqTQphBO7xIRV
date: Thu, 29 Feb 2024 08:04:20 GMT
via: 1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified: Fri, 07 Dec 2018 12:42:11 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 47885
etag: "6f878c9733062f3e765504ed137d0bc6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/octet-stream
accept-ranges: bytes
content-length: 1455
x-amz-cf-id: _S74EJ3qnng-15Jl29FNAGWa-jPOk9spr7sMLSextSLZaNIFz5bDVQ==

GET
H2 200 chocolat.js Show response
cdnjs.cloudflare.com/ajax/libs/chocolat/1.0.4/js/ Frame 9B50 24 KB
5 KB 33ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/chocolat/1.0.4/js/chocolat.js

Requested by

Host: alive5.com
URL: https://alive5.com/chat_window.html?preopen=undefined&wid=237c6906-adcd-4d4b-8f90-f4806bc28686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23aa985ae2ae9ccb19a2ca39be4279fd544074e2dd51a69e61ae76adc40c2e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alive5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7920401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3965
last-modified: Fri, 26 Feb 2021 23:16:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "6039816b-6044"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ei1jY6A1UJKZdrn%2Fx59QjI2ktF03f6EqfGcfVOCW0LyPYGv4I5Vq6KBdg%2Bv71TsXHyBJGjZ94uUts2D5tTjtMPerpMCKBmsYXuhGm6%2B3CQrJcLH2H1FbPeZgBq8ynMUW%2Fwzr9uDF548egfgd0zqBOCh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85d3ee71689ebb8f-FRA
expires: Tue, 18 Feb 2025 21:16:58 GMT

GET
H2 200 socket.io.js Show response
cdnjs.cloudflare.com/ajax/libs/socket.io/4.3.2/ Frame 9B50 103 KB
21 KB 33ms
17ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.3.2/socket.io.js

Requested by

Host: alive5.com
URL: https://alive5.com/chat_window.html?preopen=undefined&wid=237c6906-adcd-4d4b-8f90-f4806bc28686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6b7fc20b7e5eabb078b5f8f8076e46595e446522eacf29e8096151e7c65ac79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alive5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9395023
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20711
last-modified: Sun, 17 Oct 2021 02:31:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "616b8b0a-50e7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=caW3zMz%2B9DRxQ3tpcZ3G5%2BnUCWRa8ag28NlrExcE%2FgQy8dgIIFNkqXWRbCH9T7MqITJ52i6z%2Fhi99NYpxFUu%2FkZCp7MmFiS1YFLYSBVSoNzsY%2BPT5w7dN%2B86vzui%2FAlgRe71EJKx8I2PDMM%2BS0BO7H%2Fi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85d3ee7168a1bb8f-FRA
expires: Tue, 18 Feb 2025 21:16:58 GMT

GET
H2 200 chat.bundle.js Show response
alive5.com/js/ Frame 9B50 594 KB
175 KB 11ms
10ms Script
text/javascript 108.138.36.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://alive5.com/js/chat.bundle.js?s=1709183508135

Requested by

Host: alive5.com
URL: https://alive5.com/chat_window.html?preopen=undefined&wid=237c6906-adcd-4d4b-8f90-f4806bc28686

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.36.120 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-36-120.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d735fa91a8be750f0db7b22e4d45ef7665d7a4742c400b323374c3ac2cf76a9b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alive5.com/chat_window.html?preopen=undefined&wid=237c6906-adcd-4d4b-8f90-f4806bc28686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 05:12:28 GMT
content-encoding: gzip
via: 1.1 c807be9a1ebef174d61ebd59fb655d20.cloudfront.net (CloudFront)
x-amz-version-id: hVW.OOsoDZDjhJlKX8zElvixr5iLiu20
content-security-policy: frame-ancestors *
x-amz-cf-pop: MUC50-P2
age: 57871
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 178322
last-modified: Thu, 29 Feb 2024 05:12:14 GMT
server: AmazonS3
etag: "4b0f72bea225c61e3710b7d8cd1ce913"
content-type: text/javascript
accept-ranges: bytes
x-amz-cf-id: RBuRfSmEglKFPenS53xpdlyCSX5kuJD-HVWpH11yp37pywDJAu2whw==

GET
H2 200 spec_additions_override.js Show response
www.springfieldthunderbirds.com/assets/production/2c60037f63//js/ 14 B
68 B 7ms
7ms Script
application/x-javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfieldthunderbirds.com/assets/production/2c60037f63//js/spec_additions_override.js
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/assets/production/2c60037f63//js/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b1b56dd28d4fe8539d5993725f543549aabbfc192e94197b4ae2068aaee137b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 29 Feb 2024 21:16:58 GMT
via: 1.1 varnish
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 12 Feb 2024 18:00:14 GMT
age: 653388
etag: "65ca5cae-e"
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
content-length: 14
x-served-by: cache-fra-etou8220127-FRA

GET
H/1.1 200
OK app.optimized.js Show response
team-scaffold.production.carbonhouse.com/themes/default/s3/js/ 1 MB
318 KB 303ms
98ms Script
application/x-javascript 52.73.157.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://team-scaffold.production.carbonhouse.com/themes/default/s3/js/app.optimized.js
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/assets/production/2c60037f63//js/libs/require.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.73.157.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-157-84.compute-1.amazonaws.com
Software: /
Resource Hash: 3a201cff46dcaa5fd8330454b9cc185454b1bc76da1cccf80913404f8d084753

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:58 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 18:43:01 GMT
etag: W/"6171b4b5-11eccb"
transfer-encoding: chunked
content-type: application/x-javascript
x-server: prod05use1cw03
x-robots-tag: noindex, nofollow, nosnippet, noarchive, noimageindex

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 15ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5D69QNBBHF&gtm=45je42q1v9124926491za220&_p=1709241417507&gcd=13l3l3l3l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=572602347.1709241418&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.springfieldthunderbirds.com%2Ftickets%2Fnapoleon-dynamite-vip-package&dt=Napoleon%20Dynamite%20VIP%20Package%20%7C%20Springfield%20Thunderbirds&sid=1709241418&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1196
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5D69QNBBHF&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:16:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.springfieldthunderbirds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CM7-0by80YQDFVgJogMdwMYDyw;src=9504465;type=invmedia;cat=dbm_s0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5768838020648.593
adservice.google.com/ddm/fls/z/ Frame 376D 42 B
107 B 63ms
42ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM7-0by80YQDFVgJogMdwMYDyw;src=9504465;type=invmedia;cat=dbm_s0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5768838020648.593

Requested by

Host: 9504465.fls.doubleclick.net
URL: https://9504465.fls.doubleclick.net/activityi;dc_pre=CM7-0by80YQDFVgJogMdwMYDyw;src=9504465;type=invmedia;cat=dbm_s0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5768838020648.593?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9504465.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:16:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDk1MDQ0NjUKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3NwcmluZ2ZpZWxkdGh1bmRlcmJpcmRzLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZF...
ad.doubleclick.net/ddm/activity/ Frame 376D 0
2 KB 79ms
43ms Image
image/png 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDk1MDQ0NjUKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3NwcmluZ2ZpZWxkdGh1bmRlcmJpcmRzLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiAxNTA4OTkyMzIwOTI2NzE3OTE2NApjdGNfY29udmVyc2lvbl9idWNrZXQ6IDQKYXJjaGV0eXBlX2lkOiAxCmFyY2hldHlwZV9pZDogMwphcmNoZXR5cGVfaWQ6IDQKYXJjaGV0eXBlX2lkOiA1CmFyY2hldHlwZV9pZDogNgphcmNoZXR5cGVfaWQ6IDcKYXJjaGV0eXBlX2lkOiA4CmFyY2hldHlwZV9pZDogOQphcmNoZXR5cGVfaWQ6IDEwCmFyY2hldHlwZV9pZDogMTEKYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphcmNoZXR5cGVfaWQ6IDE2CmFyY2hldHlwZV9pZDogMTcKYXJjaGV0eXBlX2lkOiAxOAphcmNoZXR5cGVfaWQ6IDE5CmFyY2hldHlwZV9pZDogMjAKYXJjaGV0eXBlX2lkOiAyMQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0FDVElWSVRZX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4NzYwMTE2CiAgfQp9CmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0NPTlZFUlNJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTI5IgogIH0KfQpicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNTcwNDI1MzQ0CmdjbGlkOiAiIgp0cmlnZ2VyX2RlZHVwbGljYXRpb25fa2V5OiAxODI0ODA1NTY4MjU0ODU1MjgwMQo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9504465.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:16:58 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"18248055682548552801"}],"aggregatable_trigger_data":[{"filters":{"14":["8760116"]},"key_piece":"0x441c26b13c17906c","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x1fb5dbc926d51c52","not_filters":{"14":["8760116"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["8760116"]},"key_piece":"0x214e8ce3601ce8f8","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x1ae0d4cb95c0e259","not_filters":{"14":["8760116"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"15089923209267179164","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"18248055682548552801","filters":{"14":["8760116"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"18248055682548552801","filters":{"14":["8760116"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"18248055682548552801","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"18248055682548552801","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["9504465"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CLH-0by80YQDFVgRogMdA_YNmQ;src=9504465;type=invmedia;cat=dbm_m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=6294116026641.907
adservice.google.com/ddm/fls/z/ Frame E0F7 42 B
401 B 62ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CLH-0by80YQDFVgRogMdA_YNmQ;src=9504465;type=invmedia;cat=dbm_m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=6294116026641.907

Requested by

Host: 9504465.fls.doubleclick.net
URL: https://9504465.fls.doubleclick.net/activityi;dc_pre=CLH-0by80YQDFVgRogMdA_YNmQ;src=9504465;type=invmedia;cat=dbm_m0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=1;num=6294116026641.907?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9504465.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:16:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDk1MDQ0NjUKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3NwcmluZ2ZpZWxkdGh1bmRlcmJpcmRzLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZF...
ad.doubleclick.net/ddm/activity/ Frame E0F7 0
2 KB 78ms
42ms Image
image/png 142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDk1MDQ0NjUKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL3NwcmluZ2ZpZWxkdGh1bmRlcmJpcmRzLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiAxNzYxMjk2NDM3NzIxMTY4NzExNwpjdGNfY29udmVyc2lvbl9idWNrZXQ6IDMKYXJjaGV0eXBlX2lkOiAxCmFyY2hldHlwZV9pZDogMwphcmNoZXR5cGVfaWQ6IDQKYXJjaGV0eXBlX2lkOiA1CmFyY2hldHlwZV9pZDogNgphcmNoZXR5cGVfaWQ6IDcKYXJjaGV0eXBlX2lkOiA4CmFyY2hldHlwZV9pZDogOQphcmNoZXR5cGVfaWQ6IDEwCmFyY2hldHlwZV9pZDogMTEKYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphcmNoZXR5cGVfaWQ6IDE2CmFyY2hldHlwZV9pZDogMTcKYXJjaGV0eXBlX2lkOiAxOAphcmNoZXR5cGVfaWQ6IDE5CmFyY2hldHlwZV9pZDogMjAKYXJjaGV0eXBlX2lkOiAyMQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0FDVElWSVRZX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA4ODg3ODAzCiAgfQp9CmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0NPTlZFUlNJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTI5IgogIH0KfQpicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNTcwNDI1MzQ0CmdjbGlkOiAiIgp0cmlnZ2VyX2RlZHVwbGljYXRpb25fa2V5OiA0MzY1MTY4NTA2NTUwMjAxNzg0Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9504465.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:16:58 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"4365168506550201784"}],"aggregatable_trigger_data":[{"filters":{"14":["8887803"]},"key_piece":"0x5b069222c3eb8bc6","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0x1bb684fee3bf4380","not_filters":{"14":["8887803"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["8887803"]},"key_piece":"0xfb8fe79a6ac7efa0","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0x22edc303c774dae2","not_filters":{"14":["8887803"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"17612964377211687117","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"4365168506550201784","filters":{"14":["8887803"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"4365168506550201784","filters":{"14":["8887803"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"4365168506550201784","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"4365168506550201784","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["9504465"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 688618144623028 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 109ms
109ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/688618144623028?v=2.9.147&r=stable&domain=www.springfieldthunderbirds.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100%2C175%2C174%2C176%2C181%2C182%2C183%2C179%2C171%2C116%2C170%2C172%2C107%2C137%2C129%2C132%2C113%2C166%2C206%2C101%2C207%2C144%2C105%2C127%2C120%2C108

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df9b50cf6af66e6d57d3eceb47bc7bb64b4eeef5a8fa0224cd16055f3eab9571

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Feb 2024 21:16:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
pragma: public
x-fb-debug: lTLi0qiQw4MOkPd0TUJM0y0YloxUD1FaFjhcevy9leujFStaVDzIFO789O/a10QmerS+7ccCSVJ7sljojI2NXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1831433273772228&ev=PageView&dl=https%3A%2F%2Fwww.springfieldthunderbirds.com%2Ftickets%2Fnapoleon-dynamite-vip-package&rl=&if=false&ts=1709241418549&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1709241418548.2128113104&ler=empty&cdl=API_unavailable&it=1709241418408&coo=false&exp=e1&rqm=GET

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Feb 2024 21:16:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H2 204 get-threads-byId
api-v2.alive5.com/1.0/thread/ Frame 0
0 95ms
95ms Preflight 54.87.156.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api-v2.alive5.com/1.0/thread/get-threads-byId?org_name=thunderbirds&thread_id=0c72cc8e-cbf1-44fd-b858-07199c6200d8&crm_id=5ddc4796-1345-44cd-a49c-c8cd05e78f14&code=2&enabled_redis_storage=false&visitor=true&referrer=&page_url=https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package&attach_botchain=thunderbirds%20bot
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.156.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-156-174.compute-1.amazonaws.com
Software: nginx / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://alive5.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,Content-Length,X-Requested-With,X-A5-APIKEY,x-xsrf-token,Cookie
access-control-allow-methods: GET,PUT,POST,DELETE,PATCH,OPTIONS
access-control-allow-origin: https://alive5.com
access-control-expose-headers: Authorization,X-A5-APIKEY
access-control-max-age: 86400
date: Thu, 29 Feb 2024 21:16:58 GMT
server: nginx
vary: Origin
x-powered-by: Express

GET
H3 200 css
fonts.googleapis.com/ Frame 9B50 2 KB
499 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans:400,500&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8615a11ed34069a21ce626de75f2f67f5397b20f567624a26dbf738598d8fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alive5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 21:16:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 21:16:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 21:16:58 GMT

GET
H2 200 get-threads-byId Show response
api-v2.alive5.com/1.0/thread/ Frame 9B50 52 B
1 KB 127ms
127ms XHR
application/json 54.87.156.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-v2.alive5.com/1.0/thread/get-threads-byId?org_name=thunderbirds&thread_id=0c72cc8e-cbf1-44fd-b858-07199c6200d8&crm_id=5ddc4796-1345-44cd-a49c-c8cd05e78f14&code=2&enabled_redis_storage=false&visitor=true&referrer=&page_url=https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package&attach_botchain=thunderbirds%20bot

Requested by

Host: alive5.com
URL: https://alive5.com/js/chat.bundle.js?s=1709183508135

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.87.156.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-87-156-174.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f3b9de3fb9833ebc685f370fcdf018ea6cdd31e6a77feec08a4e92187a1e5605

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://alive5.com/
accept-language: de-DE,de;q=0.9
Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjU5NjQwMTc4ODY0LCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJ0aHVuZGVyYmlyZHMiLCJ0eXBlIjoibGl2ZWNoYXQiLCJjcm1faWQiOiI1ZGRjNDc5Ni0xMzQ1LTQ0Y2QtYTQ5Yy1jOGNkMDVlNzhmMTQiLCJ1c2VyX3JvbGUiOiJ2aXNpdG9yIiwiaWF0IjoxNzA5MjQxNDE4fQ.XLMoeL5O6xsf9NYTkdWFCGuR0OPQ4jFDAiVRHEuGyXQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 21:16:58 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJjcmVhdGVkX2F0IjoxNjU5NjQwMTc4ODY0LCJpc3MiOiJhbGl2ZTVfYXBpIiwib3JnX25hbWUiOiJ0aHVuZGVyYmlyZHMiLCJ0eXBlIjoibGl2ZWNoYXQiLCJjcm1faWQiOiI1ZGRjNDc5Ni0xMzQ1LTQ0Y2QtYTQ5Yy1jOGNkMDVlNzhmMTQiLCJ1c2VyX3JvbGUiOiJ2aXNpdG9yIiwiaWF0IjoxNzA5MjQxNDE4fQ.XLMoeL5O6xsf9NYTkdWFCGuR0OPQ4jFDAiVRHEuGyXQ
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
server: nginx
etag: W/"34-dZu/bfEbcWPDtNLHGA7SpL7f1o8"
x-download-options: noopen
vary: Accept-Encoding, Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://alive5.com
access-control-expose-headers: Authorization,X-A5-APIKEY
access-control-allow-credentials: true

GET
H2 200 thunderbirds-wicon1659628992422.png
files.alive5.com/images/widgets/upload/ Frame 9B50 68 KB
69 KB 18ms
18ms Image
image/png 18.173.187.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.alive5.com/images/widgets/upload/thunderbirds-wicon1659628992422.png
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-28.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3112c1bfa8b387bbe07dfbe2c5c45898d3d0c75b6496443b631432c2429040f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://alive5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: B0UDd3CCPsHOcuDQEiDwo02d8UwNQHDa
date: Thu, 29 Feb 2024 21:16:58 GMT
via: 1.1 b2825f5e779aaa7a75e20fcfeee23920.cloudfront.net (CloudFront)
last-modified: Thu, 04 Aug 2022 16:03:13 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 4469
etag: "ad9c10e9dccdb6950f0baac16a3ab248"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 69872
x-amz-cf-id: yagafox-gZsjnGwOWWo0dCkFHVOTDyj2xc5buhXo7pH4DMV3tVoXmw==

GET
H3 200 QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2
fonts.gstatic.com/s/worksans/v19/ 20 KB
20 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v19/QGY_z_wNahGAdqQ43RhVcIgYT2Xz5u32K0nXBi8Jpg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Work+Sans&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

996d2f01acc82f075e4de4980849bc80c64fb3756054b5265977636a978728f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.springfieldthunderbirds.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:00:04 GMT
x-content-type-options: nosniff
age: 217014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20000
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:54:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:00:04 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 10ms
9ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=688618144623028&ev=PageView&dl=https%3A%2F%2Fwww.springfieldthunderbirds.com%2Ftickets%2Fnapoleon-dynamite-vip-package&rl=&if=false&ts=1709241418662&sw=1600&sh=1200&v=2.9.147&r=stable&ec=0&o=4126&fbp=fb.1.1709241418548.2128113104&ler=empty&cdl=API_unavailable&it=1709241418408&coo=false&exp=e1&rqm=GET

Requested by

Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Feb 2024 21:16:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 form_74a5d20a43.js Show response
static.formstack.com/forms/forms-renderer/builds/public/ Frame B5FF 2 MB
460 KB 64ms
20ms Script
application/javascript 99.84.88.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.formstack.com/forms/forms-renderer/builds/public/form_74a5d20a43.js

Requested by

Host: springfieldthunderbirds.formstack.com
URL: https://springfieldthunderbirds.formstack.com/forms/napoleonvip2024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-127.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

72096e34bba93efe7c58bf0e3406907ccd8f796e639dc106fe362a2ba7a28e51

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://springfieldthunderbirds.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 23:29:16 GMT
content-encoding: br
via: 1.1 72818776d4abe4e5a732c084dae83f1a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 28 Feb 2024 21:32:58 GMT
server: CloudFront
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 78461
etag: W/"65dfa68a-1c748e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: eFWdTNUm2AEUnsINPCWt2foL1jKWKgPH4enTRmmdnwQIU_uyWGQqdA==

GET
H2 200 phoneValidation.js
static.formstack.com/forms/forms-renderer/builds/public/ Frame B5FF 0
108 KB 34ms
34ms Other
application/javascript 99.84.88.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.formstack.com/forms/forms-renderer/builds/public/phoneValidation.js

Requested by

Host: static.formstack.com
URL: https://static.formstack.com/forms/forms-renderer/builds/public/form_74a5d20a43.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-127.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://springfieldthunderbirds.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 23:29:20 GMT
content-encoding: br
via: 1.1 72818776d4abe4e5a732c084dae83f1a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Wed, 28 Feb 2024 21:29:12 GMT
server: CloudFront
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 78459
etag: W/"65dfa5a8-8b83f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, s-maxage=86400
x-amz-cf-id: SjwXEGepJczfJ5A_f6K1vfptwOeqObSpi-RF5b0ts5wMm7lVGMvWWw==

GET
H2 200 v3 Show response
js.stripe.com/ Frame B5FF 602 KB
167 KB 45ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: static.formstack.com
URL: https://static.formstack.com/forms/forms-renderer/builds/public/form_74a5d20a43.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

b9a4c726f4076b22e10ba03a451248e4a8186941f4790e5f9b940d652768da57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://springfieldthunderbirds.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 29 Feb 2024 21:16:59 GMT
via: 1.1 varnish
age: 51
x-cache: HIT
content-length: 170590
x-request-id: 29d75e31-1f22-4f18-bfa0-74118054c580
x-served-by: cache-fra-etou8220128-FRA
last-modified: Thu, 29 Feb 2024 19:08:24 GMT
server: Fastly
etag: "b171e83133c9fab0c752e4d2c7d67285"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11

GET
H3 200 css
fonts.googleapis.com/ Frame B5FF 2 KB
450 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,700italic

Requested by

Host: springfieldthunderbirds.formstack.com
URL: https://springfieldthunderbirds.formstack.com/forms/napoleonvip2024

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fc4d5fc6764fbea98a4df16533689da227090a954904ea83e0b134923a884d5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://springfieldthunderbirds.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 21:16:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 21:16:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 21:16:59 GMT

GET
DATA 200
OK truncated
/ Frame B5FF 474 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f51f720f86a6d85e22927d9fa7fb69249cc5c68fb84ad7272df18da0d22a773

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK image_Thunderbirds1617_Primary.png
s3.amazonaws.com/files.formstack.com/public/677405/ Frame B5FF 220 KB
221 KB 332ms
140ms Image
image/png 16.182.34.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/files.formstack.com/public/677405/image_Thunderbirds1617_Primary.png
Requested by: Host: springfieldthunderbirds.formstack.com
URL: https://springfieldthunderbirds.formstack.com/forms/napoleonvip2024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.182.34.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8ff624172577df38dc6c4a3289fa8dc0a69f5b0bac69424e72a91caad1ceb8d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://springfieldthunderbirds.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 29 Feb 2024 21:17:00 GMT
x-amz-version-id: Udcn3lGGiBEWkihKnH30NecyfWYJkkbt
Last-Modified: Tue, 26 Jul 2022 19:44:32 GMT
Server: AmazonS3
x-amz-request-id: KXZ3YZHN91CWABR4
ETag: "b273fb0dca0bcab1358db3ff28f8154c"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-storage-class: STANDARD_IA
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 225461
x-amz-id-2: HNj7ivsZqB4vpFbN1besIxIAlWcLVn14k+YGJCGzIy8NksQEnBnb8WsmlnrRRzdFz4nnTTDJQMQ=

GET
DATA 200
OK truncated
/ Frame B5FF 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a7c9fa9facc4c76191c73e5ab3de4b9341032988ac97733ec5bf7d8314cbd28

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 referralBadge.png
static.formstack.com/forms/forms-renderer/static/image/ Frame B5FF 319 B
729 B 19ms
19ms Image
image/png 99.84.88.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.formstack.com/forms/forms-renderer/static/image/referralBadge.png

Requested by

Host: springfieldthunderbirds.formstack.com
URL: https://springfieldthunderbirds.formstack.com/forms/napoleonvip2024

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-127.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

b440890d9a4023c9b2a1aa8a3232ad9ee870ad88101303b029c4b2008e7244a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://springfieldthunderbirds.formstack.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 18:31:26 GMT
via: 1.1 72818776d4abe4e5a732c084dae83f1a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 29 Feb 2024 16:11:50 GMT
server: CloudFront
x-amz-cf-pop: MUC50-C1
age: 9933
etag: "65e0acc6-13f"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, s-maxage=86400
accept-ranges: bytes
content-length: 319
x-amz-cf-id: xRm0PTMiAP5FcjqA5aQDnhNTVulmMOVi7qzHNWR-QvRODL-4ehMioQ==

GET
H2 200 app_overrides.js Show response
www.springfieldthunderbirds.com/assets/production/2c60037f63//js/ 373 B
398 B 8ms
8ms Script
application/x-javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.springfieldthunderbirds.com/assets/production/2c60037f63//js/app_overrides.js
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/assets/production/2c60037f63//js/libs/require.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d6e7218b0893dff3735e7a07970290a580d87afaf750bc1ba033cc046c48a39b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-cache-hits: 1
date: Thu, 29 Feb 2024 21:16:59 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Mon, 12 Feb 2024 18:00:14 GMT
age: 679279
etag: W/"65ca5cae-175"
x-cache: HIT
content-type: application/x-javascript
cache-control: max-age=315360000
x-server: prod05use1cw07
accept-ranges: bytes
content-length: 251
x-served-by: cache-fra-etou8220127-FRA

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ Frame B5FF 23 KB
23 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://springfieldthunderbirds.formstack.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:59:00 GMT
x-content-type-options: nosniff
age: 217079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:59:00 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ Frame B5FF 23 KB
23 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://springfieldthunderbirds.formstack.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 09:00:00 GMT
x-content-type-options: nosniff
age: 217019
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 09:00:00 GMT

GET
H3 200 S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ Frame B5FF 24 KB
24 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,700italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://springfieldthunderbirds.formstack.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:55:18 GMT
x-content-type-options: nosniff
age: 217301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24448
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:55:18 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 5F92 200 B
817 B 7ms
7ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://springfieldthunderbirds.formstack.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 252554
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 29 Feb 2024 21:16:59 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Fri, 11 Nov 2022 20:25:37 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 66771
x-content-type-options: nosniff
x-request-id: 63230133-6b9a-415f-8619-49d76407b8f5
x-served-by: cache-fra-etou8220128-FRA

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 5F92 526 B
449 B 7ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 29 Feb 2024 21:16:59 GMT
via: 1.1 varnish
age: 252553
x-cache: HIT
content-length: 315
x-request-id: a0fa1144-b260-4c6e-99f0-bc35f67aa950
x-served-by: cache-fra-etou8220128-FRA
last-modified: Fri, 11 Nov 2022 20:25:36 GMT
server: Fastly
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 63705

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 09E9 930 B
1 KB 17ms
6ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 201
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 29 Feb 2024 21:16:59 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 107
x-content-type-options: nosniff
x-request-id: 0e440777-8084-4c7f-90c9-057458762379
x-served-by: cache-fra-etou8220128-FRA
x-timer: S1709241420.884523,VS0,VE0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 09E9 87 KB
15 KB 6ms
6ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 29 Feb 2024 21:16:59 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 91
x-cache: HIT
content-length: 15509
x-request-id: 6bff2886-d8c7-4bcc-b70c-c3e3093ed353
x-served-by: cache-fra-etou8220128-FRA
server: Fastly
x-timer: S1709241420.896830,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 50

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 40ms
14ms Script
application/x-javascript 2600:9000:2394:2e00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.springfieldthunderbirds.com
URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2394:2e00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 07:29:38 GMT
content-encoding: gzip
via: 1.1 db3ad39d2b444e5c9e38affc6638a5cc.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: AMS1-P2
age: 49641
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: VQOXE6dPWPvhVz35cGQylZq5uleGTu1lJnm4zyrLvgLKWig8sjGPjQ==
expires: Fri, 01 Mar 2024 07:29:38 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 09E9 156 B
669 B 565ms
183ms XHR
application/json 44.239.187.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.239.187.210 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-187-210.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

46514f362e0a0ee226f13a288023ecd802db151bce257c9bb3245f546108b837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Thu, 29 Feb 2024 21:17:00 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1709241420454265
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1709241420454045
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 289ms
92ms Image
image/gif 3.86.74.61
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=springfieldthunderbirds.com&p=%2Ftickets%2Fnapoleon-dynamite-vip-package&u=DS3RQhBXmsvFCGbQJE&d=springfieldthunderbirds.com&g=33785&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=800&m=800&y=3704&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.springfieldthunderbirds.com%2Ftickets%2Fnapoleon-dynamite-vip-package&b=2661&t=C1ErRKcwmwmD0RsabBdM442C12rBM&V=143&i=Napoleon%20Dynamite%20VIP%20Package%20%7C%20Springfield%20Thunderbirds&tz=-60&sn=1&sv=a-I-WBzXlHOCcrllxCTy5_Sky0mI&sr=external&sd=1&im=06532c43&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.86.74.61 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-74-61.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 29 Feb 2024 21:17:00 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2001:4860:4802:34::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-THWC32H9FP&gtm=45je42q1v885217252za220&_p=1709241417507&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=572602347.1709241418&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1709241417&sct=1&seg=0&dl=https%3A%2F%2Fwww.springfieldthunderbirds.com%2Ftickets%2Fnapoleon-dynamite-vip-package&dt=Napoleon%20Dynamite%20VIP%20Package%20%7C%20Springfield%20Thunderbirds&en=scroll&epn.percent_scrolled=90&_et=5&tfd=5482
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-THWC32H9FP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:17:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.springfieldthunderbirds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 15ms
15ms Ping
text/plain 2001:4860:4802:34::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-R8S9EL1XEX&gtm=45je42q1v9163749276za200&_p=1709241417507&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=572602347.1709241418&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=2&sid=1709241417&sct=1&seg=0&dl=https%3A%2F%2Fwww.springfieldthunderbirds.com%2Ftickets%2Fnapoleon-dynamite-vip-package&dt=Napoleon%20Dynamite%20VIP%20Package%20%7C%20Springfield%20Thunderbirds&en=scroll&epn.percent_scrolled=90&_et=8&tfd=5513
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R8S9EL1XEX&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.springfieldthunderbirds.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 21:17:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.springfieldthunderbirds.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.springfieldthunderbirds.com/	1970-01-21 04:23:21	Name: _ga_THWC32H9FP Value: GS1.1.1709241417.1.0.1709241417.60.0.0
.springfieldthunderbirds.com/	1970-01-21 04:23:21	Name: _ga_R8S9EL1XEX Value: GS1.1.1709241417.1.0.1709241417.0.0.0
.springfieldthunderbirds.com/	1970-01-21 04:23:21	Name: _ga Value: GA1.2.572602347.1709241418
.springfieldthunderbirds.com/	1970-01-20 18:48:47	Name: _gid Value: GA1.2.2040861305.1709241418
.springfieldthunderbirds.com/	1970-01-20 18:47:21	Name: _gat_ahlNetwork Value: 1
.springfieldthunderbirds.com/	1970-01-21 04:23:21	Name: FSAV Value: 3224785466.1637261456.1709241418.1709241418.1709241418.1.
.springfieldthunderbirds.com/	1970-01-20 23:10:09	Name: FSAC Value: 3224785466.1709241418.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)
.doubleclick.net/	1970-01-20 23:06:33	Name: receive-cookie-deprecation Value: 1
.springfieldthunderbirds.com/	1970-01-21 04:23:21	Name: _ga_5D69QNBBHF Value: GS1.2.1709241418.1.0.1709241418.0.0.0
.springfieldthunderbirds.com/	1970-01-20 20:56:57	Name: _fbp Value: fb.1.1709241418548.2128113104
.doubleclick.net/	1970-01-20 19:30:33	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 04:08:57	Name: IDE Value: AHWqTUkCFuMCMgpMQuYBESpLvyVlRO_5o4pcRy0IF7ofbpDO23tUfYQsjY_7nLac
api-v2.alive5.com/	1970-01-20 18:57:26	Name: AWSALBCORS Value: MjHd98vnUJULlN+S0c9LlDSvGs4iem1pemqCFQj5Y2/DiCnxUsuoRnzd9vLaNNzut6ibjMYTkQOmmtrI7J02O7jKOiGXtk6hdGzsJUbCST8WjWY+8N6IXwqK+ERo
.springfieldthunderbirds.com/	1970-01-21 04:16:09	Name: _cb Value: DS3RQhBXmsvFCGbQJE
.springfieldthunderbirds.com/	1970-01-21 04:16:09	Name: _chartbeat2 Value: .1709241420014.1709241420014.1.a-I-WBzXlHOCcrllxCTy5_Sky0mI.1
.springfieldthunderbirds.com/	1970-01-20 18:47:23	Name: _cb_svref Value: external
m.stripe.com/	1970-01-21 04:23:21	Name: m Value: e5c06c06-69d6-4f16-92a4-182061714c508bbc24

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bcp.crwdcntrl.net/5/c=931/b=58100480 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bcp.crwdcntrl.net/5/c=931/b=34063802 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1831433273772228?v=2.9.147&r=stable&domain=www.springfieldthunderbirds.com&hme=20c913bdcd4be51a752120153aa5caaecb3ee86c7f26cf737846e40b202aba68&ex_m=62%2C106%2C94%2C98%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C150%2C153%2C164%2C160%2C161%2C163%2C25%2C89%2C45%2C68%2C162%2C145%2C148%2C157%2C158%2C165%2C115%2C13%2C43%2C169%2C168%2C117%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C95%2C97%2C31%2C96%2C26%2C22%2C146%2C149%2C124%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C92%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C93%2C38%2C70%2C60%2C99%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C100(Line 95) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.springfieldthunderbirds.com/tickets/napoleon-dynamite-vip-package Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9504465.fls.doubleclick.net
ad.doubleclick.net
adservice.google.com
alive5.com
analytics.formstack.com
api-v2.alive5.com
bcp.crwdcntrl.net
cdnjs.cloudflare.com
connect.facebook.net
files.alive5.com
fonts.googleapis.com
fonts.gstatic.com
formstack.com
js.stripe.com
m.stripe.com
m.stripe.network
maxcdn.bootstrapcdn.com
offer.fevo.com
ping.chartbeat.net
pubads.g.doubleclick.net
region1.analytics.google.com
region1.google-analytics.com
releases.flowplayer.org
s3.amazonaws.com
springfieldthunderbirds.formstack.com
static.chartbeat.com
static.formstack.com
stats.g.doubleclick.net
team-scaffold.production.carbonhouse.com
theahl.com
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.springfieldthunderbirds.com
108.138.36.120
142.250.186.102
142.250.186.134
151.101.128.176
151.101.130.132
16.182.34.144
18.173.187.28
18.65.39.119
2001:4860:4802:32::36
2001:4860:4802:34::36
2600:9000:237d:8200:6:4f98:bc40:93a1
2600:9000:2394:2e00:18:1fcd:353:c61
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:806::2003
2a00:1450:4001:806::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:400c:c00::9c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.86.74.61
34.66.84.194
44.239.187.210
52.73.157.84
54.164.119.223
54.87.156.174
63.35.74.224
99.84.88.127
051826119046a87a09a9cdfea5456641e598b89113c28a4ea8150f1905c9e430
0684eb3566a8ef944c4d25b51abe064b2c1f1526f8edff73e2a992e4049c2749
0e04153b5f73bfa7866948f2a9870593d69bfde14e77a1a06af5f567096e5a09
104422dd94592462fa321dc7cab33ea9f68c00faad5a785eb2a82f0682ce013d
1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a
1347cafe9eb2edf224e1effeb87b34863f43b971a59dec73aee59f9ef1d75db3
16c2edc15aaf7516305122ec78cb0e8e33b4591b11a8ae9ac6a989b84b2e2857
179478bddb718a61355c3f83b9fc32dcb9c22ed470b3c63080475ab78ed9da15
1a8517debadac87d731c9237874a1a86704cd3fbb08d1ad9455e7d2f7a6fda38
1c9ccad1729588a4eaa1db4b1c944badeb8a6e42836866c3c0dd93b24b62ecc5
1f51f720f86a6d85e22927d9fa7fb69249cc5c68fb84ad7272df18da0d22a773
22c865270aca5c49eaaf3ee70ebed45ebd58f7c3541dd3cd1f5a2145b850874c
23aa985ae2ae9ccb19a2ca39be4279fd544074e2dd51a69e61ae76adc40c2e81
2ca1a7143d92ada5089eff6a476e57a0884707d90ddc9b4683e458cd86f983ae
2d342820f36b15f0337e8d1dd335cd72e4913c5b69f304c01ddc29eaea9110b0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3112c1bfa8b387bbe07dfbe2c5c45898d3d0c75b6496443b631432c2429040f0
35d90bcf1feffdc2cb48bfee468d6a335c372ab972b13d14894cab8832487388
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
36116f7a1e7d8be4b89c4729a66a7cc4ea0bfbf1ffed85655c5436b5ad24e997
3617e53a3883567eb02bbc7353c159f3e3ec69cd253c43ac7d7616107e0df505
3740f1b86b9b72a085923d972db5254b596f535902077f8ab27183618650de5d
379b9514ec684415c496828660cd7e54dd3f008a05b006bb57591fd9ea2114a3
396bd1ab182a204c8c227c5d6aef6cbe3a3481500e816635b408da715695dfa1
3a201cff46dcaa5fd8330454b9cc185454b1bc76da1cccf80913404f8d084753
45eb5b3fe501d157cc22cffd523d4194dbeaa4ecc95491f5ea5a7f6658801aa0
46514f362e0a0ee226f13a288023ecd802db151bce257c9bb3245f546108b837
4e49bb62fe2789574bf438a573292a9b19b2e00df6e19ef8812a8b517a2367ee
4eb9b5ae111fbd1f535f2db491c14cf265a066bda69a5b005cf688a77c1e9333
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
58fdc3c35db6874eb3b676a6ba95b4a3a072d7a67e4ee18a01db37dfdfdfb2d4
593e8ba0015655cfca47b977edae4b59e4568d4674d4309922c50fc9464fb70e
5a7c9fa9facc4c76191c73e5ab3de4b9341032988ac97733ec5bf7d8314cbd28
5e32e36d67d436fa5dc42760c7f99fc41c55709c43137a96a0c572133014170a
62b6394775c7ca48c62ec17ba9142f8b2f5a3ff3722279498ccbcc7916bcd4e4
68b07f709fce51cceb3186bd7987951c512c6540b5616840401fde1e04d6f75a
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6de4ee951e0efd5c0c09dc1afd39ee187a3ad0ae947a6b454d93849a6212e142
6e38915c04b3de3c147d589749fe4cb691bbc0ec7b89d72f3771f19a762dfb6d
717bd1c2cecc0fa9f9a5d0550d8f0fd73ab62dbc58514bf77fbdfc68eb62b267
72096e34bba93efe7c58bf0e3406907ccd8f796e639dc106fe362a2ba7a28e51
7230b8256c743518177181b79f6fedd5d9dfad1301fa060c260f10b61e365fef
74538ac3f6e95c70fcf5d93265cb90064e29bb6a37bb7eefb4fb8e899ed9df9e
8615a11ed34069a21ce626de75f2f67f5397b20f567624a26dbf738598d8fc03
89ce0cd9e50f398d011ee1fe6b4f13c4a5b9999a700ba0082eb1869d0d92c87d
8ff624172577df38dc6c4a3289fa8dc0a69f5b0bac69424e72a91caad1ceb8d5
907f5ff24e3732dbeeef45be6c5291ce27c7aa1d754f88c82da8aa4ab9396fd9
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
945ab319c9f3787b68084196c41b9a97f5962c0ebe394ecb6f7b1d1fbfefa180
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
9832893c2ccaef3e10bdf9abb43b6281bff5971ec6fd69d4eea958b48803db7d
996d2f01acc82f075e4de4980849bc80c64fb3756054b5265977636a978728f4
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9b935bda7709001067d9f40d0b008cb0c56170776245f4ff90c77156980ff5e9
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b13a05e8dbcb3d4de88e89497f488e02aba24079a7ed0e9cbb12f2c3b5b66647
b1af9bf68fc8fa81748f021afb78fddb7205e19de6f0e0b19b9704539cf561e5
b1b56dd28d4fe8539d5993725f543549aabbfc192e94197b4ae2068aaee137b8
b363b6d790753d0a2cad32ca9abaa02bdae8fede600c2dcebc69eddc67bf18bb
b3a1dbe475d36dc7eefc3af9511833d22541a8f510ba5acae8ac6d39ffc4e8ae
b440890d9a4023c9b2a1aa8a3232ad9ee870ad88101303b029c4b2008e7244a7
b6426078f8c9f5dfee7b141c2e3a636f30d11bd58889c0c606fbca92927fe640
b6b7fc20b7e5eabb078b5f8f8076e46595e446522eacf29e8096151e7c65ac79
b8ab91ca93b7b2d9375561994ab2b0d361c6825f327f723fba09ec621102a69e
b9a4c726f4076b22e10ba03a451248e4a8186941f4790e5f9b940d652768da57
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bcf50568094fee53b23ac76c2619c488f6c09290f45abcec5029b6bd3143280b
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c69b3c83c19d3e9d45313630f318a3532d282bc8855e61fb130c8c160f0f6057
c73904980df7a03b86d73f34bfdc249019be1d5d6a41219f9d88686c8cb33a40
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d035bcba2713ea2688b7c8a53b43d130a71c5e018c460aa9fa4eaeee00f6b8ec
d1f33f04cb8dbd8faacd723e0b854477e452e7724b46842fe4a2c98ed3ab9063
d48c84fa4a7964d280a9a9226abe5baaf2058d438dc3890b94aeb768298f484e
d6e7218b0893dff3735e7a07970290a580d87afaf750bc1ba033cc046c48a39b
d735fa91a8be750f0db7b22e4d45ef7665d7a4742c400b323374c3ac2cf76a9b
d792f478ebe497335eaa0af11fc016cb1e81ef4d03939f13f94afbb1b4f419ab
dc08e320f23a27298f57a7f9f760653d973489de7cd04cfa6ed4f06d63ec92f9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df9b50cf6af66e6d57d3eceb47bc7bb64b4eeef5a8fa0224cd16055f3eab9571
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4233d88dfc4c72ee13403141e3a1a45debb83a004bcd57517ffbfad11bbffbb
e714a8a434ae5a8d937a6dca4e5028c2351cd90567d2f61105ac17df2e6f39c2
ee61f778974fecffb16b268486a89fdde07869c66fc54820ba708a655fa7e564
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e60f36746d4efa38a43a662e146f7ca279803288f2852c14d1137de68002e5
f3b9de3fb9833ebc685f370fcdf018ea6cdd31e6a77feec08a4e92187a1e5605
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f0c5a1935f218b30343d82f6b57259ecf294880c4dbb9479c2803b043135ad
fb13ea77ee80f9ff5416265304bdd1362370ae64875f52067936c5a214edcc83
fc4d5fc6764fbea98a4df16533689da227090a954904ea83e0b134923a884d5f
fcfbbd68b0465ff5ab1bd0c9993f4fbdd9c140a271fe7ca6c7fbc3521096bf19
fd29b3b084cf11160bfc4e99d98a261f2b36bff29113b07367c5204563c5d355
fd8c92f456f31f26c99476bf6c1f2c3dc9cd72529efbaf645bb1a30037cbfe26

www.springfieldthunderbirds.com Open in urlscan Pro 151.101.130.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

114 Requests

98 %HTTPS

50 %IPv6

24 Domains

35 Subdomains

32 IPs

4 Countries

9174 kBTransfer

14077 kBSize

17 Cookies

25 Outgoing links

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.springfieldthunderbirds.com Open in urlscan Pro
151.101.130.132 Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

98 %
HTTPS

50 %
IPv6

24
Domains

35
Subdomains

32
IPs

4
Countries

9174 kB
Transfer

14077 kB
Size

17
Cookies

114 HTTP transactions
2 data transactions