mpv.tickets.com Open in urlscan Pro
23.213.161.214  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Page URL
2. https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Page URL
3. https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

• https://6523831.fls.doubleclick.net/activityi;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990 HTTP 302
• https://6523831.fls.doubleclick.net/activityi;dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990

Request Chain 37

• https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI HTTP 302
• https://ib.adnxs.com/getuid?https%3A%2F%2Fservedby.ipromote.com%2Fad%2F%3Fsrc%3Dpixel_cid%26cid%3DMSSHVGMN9GI%26anuid%3D$UID HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fservedby.ipromote.com%252Fad%252F%253Fsrc%253Dpixel_cid%2526cid%253DMSSHVGMN9GI%2526anuid%253D%24UID HTTP 302
• https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI&anuid=3431559966908415315

Request Chain 49

• https://adservice.google.de/ddm/fls/i/dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990 HTTP 302
• https://6523831.fls.doubleclick.net/ddm/fls/r/dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990

Request Chain 89

• https://6523831.fls.doubleclick.net/activityi;src=6523831;type=counter0;cat=tulsa17;ord=1;num=1389480194142;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990 HTTP 302
• https://6523831.fls.doubleclick.net/activityi;dc_pre=CMyb7pOh-PcCFSAHBgAdzpQKXg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=1389480194142;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990

Request Chain 93

• https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI HTTP 302
• https://ib.adnxs.com/getuid?https%3A%2F%2Fservedby.ipromote.com%2Fad%2F%3Fsrc%3Dpixel_cid%26cid%3DMSSHVGMN9GI%26anuid%3D$UID HTTP 302
• https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI&anuid=3431559966908415315

Request Chain 141

• https://6523831.fls.doubleclick.net/activityi;src=6523831;type=counter0;cat=tulsa17;ord=1;num=4609871084962;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990 HTTP 302
• https://6523831.fls.doubleclick.net/activityi;dc_pre=CMKp3pSh-PcCFT4iBgAdZBULSQ;src=6523831;type=counter0;cat=tulsa17;ord=1;num=4609871084962;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990

Request Chain 145

• https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI HTTP 302
• https://ib.adnxs.com/getuid?https%3A%2F%2Fservedby.ipromote.com%2Fad%2F%3Fsrc%3Dpixel_cid%26cid%3DMSSHVGMN9GI%26anuid%3D$UID HTTP 302
• https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI&anuid=3431559966908415315

179 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	/ Show response mpv.tickets.com/	28 KB 13 KB	898ms 708ms	Document text/html	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 3abcb26019c588428ca5041dcc3244c490a93e52279ae532421c3b4a0934161f Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control no-cache, no-store content-encoding gzip content-length 10817 content-type text/html; charset=utf-8 date Tue, 24 May 2022 13:38:27 GMT etag W/"5a5c-cdsQiMnBAFHl8e2sjgy9wpHlvCU" server nginx server-timing edge; dur=7 origin; dur=461 cdn-cache; desc=MISS strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding x-akamai-transformed 9 - 0 pmb=mTOE,4mRUM,1 x-cache-status MISS x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H2	200	vendor-styles.css mpv.tickets.com/style/	158 KB 26 KB	180ms 176ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/vendor-styles.css Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a5ab7ec9e19fed0380c8f6ced1bc8646126be19bc9c1446c2528801d725b5c3e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=9, origin; dur=151 content-length 25830 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:27 GMT x-download-options noopen vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"2778b-180aa7c8568" expires Tue, 24 May 2022 13:38:27 GMT
GET H2	200	app-font-faces.css mpv.tickets.com/style/	2 KB 745 B	190ms 186ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/app-font-faces.css Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 5812bd156493f9b5ecf4b219b775073bb8e6d7bddc1879813bd3018903537d9c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=14, origin; dur=146 content-length 293 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:27 GMT x-download-options noopen vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"63c-180aa7c8568" expires Tue, 24 May 2022 13:38:27 GMT
GET H2	200	mpv-unified-design.css mpv.tickets.com/style/	38 KB 8 KB	220ms 216ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/mpv-unified-design.css Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b78d428782988ebf60f99cd04fbb3c6ed5a2b76a2e63af33b87f18dfd225eac9 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=32, origin; dur=148 content-length 7447 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:27 GMT x-download-options noopen vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"996d-180aa7c8568" expires Tue, 24 May 2022 13:38:27 GMT
GET H2	200	client.style.css mpv.tickets.com/style/client/	325 KB 47 KB	937ms 933ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/client/client.style.css?styleKey=TUBV&version=3.1.55 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e31fa412eba0b2a36d89f29f626f786f924e39626afe5a5a0d42788348f24997 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=REVALIDATE, edge; dur=321, origin; dur=564 content-length 47836 x-xss-protection 1; mode=block server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:28 GMT x-download-options noopen vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, no-transform, max-age=298
GET H2	200	ultra.style.css mpv.tickets.com/style/client/	7 KB 2 KB	248ms 244ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/client/ultra.style.css?styleKey=TUBV Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 83e9bef42ded14b9565fcdb8c38f7f1126d33a873e5096756510d8a0a1be7401 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-cache-status MISS x-dns-prefetch-control off server-timing cdn-cache; desc=REVALIDATE, edge; dur=14, origin; dur=172 content-length 1419 x-xss-protection 1; mode=block server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:27 GMT x-download-options noopen vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, no-transform, max-age=300
GET H2	200	client.min.js Show response js.braintreegateway.com/web/3.45.0/js/	39 KB 12 KB	98ms 14ms	Script application/javascript	18.65.39.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.braintreegateway.com/web/3.45.0/js/client.min.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.63 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-63.ams1.r.cloudfront.net Software nginx / Resource Hash a7b47430bb894bb0cb26cc82a738586d5f6f09e3eff4e752c6b91e059eb6f0ab Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:41:27 GMT content-encoding gzip last-modified Thu, 07 Apr 2022 21:24:22 GMT server nginx age 14498 etag W/"624f5686-9b8f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop AMS1-P1 x-amz-cf-id GMAzoHSpaTIsvHvIknbcitXFubKbh24M0cFrUYviMcG_x489mRFFHg== via 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront) expires Wed, 25 May 2022 09:36:49 GMT
GET H2	200	pay.js Show response pay.google.com/gp/p/js/	95 KB 31 KB	148ms 78ms	Script application/javascript	2a00:1450:400c:c07::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/js/pay.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 04e84921e6e976280e3e76c27ae42071b5140e57e20c4176996e4b50fdd72022 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-_nUo7ZjNsdoSlgkVC9B8wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-_nUo7ZjNsdoSlgkVC9B8wg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:27 GMT content-encoding gzip x-content-type-options nosniff p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 server ESF cross-origin-opener-policy same-origin; report-to="InstantbuyFrontendHttp" x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 report-to {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]} content-type application/javascript; charset=utf-8 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site cache-control private, max-age=600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* content-security-policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-_nUo7ZjNsdoSlgkVC9B8wg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-_nUo7ZjNsdoSlgkVC9B8wg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport expires Tue, 24 May 2022 13:38:27 GMT
GET H2	200	google-payment.min.js Show response js.braintreegateway.com/web/3.45.0/js/	20 KB 7 KB	99ms 15ms	Script application/javascript	18.65.39.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.braintreegateway.com/web/3.45.0/js/google-payment.min.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.63 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-63.ams1.r.cloudfront.net Software nginx / Resource Hash 8048dcd96ad7f2f8e681dd3cbc05c56277deef89ee69c403fd2844901bed58aa Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 10:07:00 GMT content-encoding gzip last-modified Thu, 07 Apr 2022 21:24:23 GMT server nginx age 12687 etag W/"624f5687-5079" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop AMS1-P1 x-amz-cf-id RbS_mfUYjzGK330O8SQFfHOqAXgsgvBcdUzq5tFMRqpM_d0tpFqnig== via 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront) expires Wed, 25 May 2022 10:07:00 GMT
GET H2	200	platform.js Show response apis.google.com/js/	52 KB 21 KB	44ms 19ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/platform.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash da1240738eef80e8630a5749b9258e33d7669859ba8a5ed1da81978092ed03af Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20361 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" date Tue, 24 May 2022 13:38:27 GMT vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 etag "2cdff035295781be" accept-ranges bytes timing-allow-origin * expires Tue, 24 May 2022 13:38:27 GMT
GET H2	200	checkout.js Show response www.paypalobjects.com/api/	1 MB 235 KB	53ms 11ms	Script application/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/api/checkout.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:27 GMT content-encoding gzip x-content-type-options nosniff access-control-allow-origin * x-cache HIT, HIT paypal-debug-id 40438cc6522a4 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 239948 x-served-by cache-sjc10080-SJC, cache-hhn4055-HHN last-modified Mon, 25 Apr 2022 17:04:48 GMT x-timer S1653399508.716559,VS0,VE0 etag W/"6266d4b0-16d23e" strict-transport-security max-age=31557600 access-control-allow-methods GET content-type application/javascript; charset=utf-8 via 1.1 varnish, 1.1 varnish cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token x-cache-hits 59, 30426
GET H2	200	paypal-checkout.min.js Show response js.braintreegateway.com/web/3.45.0/js/	20 KB 7 KB	98ms 15ms	Script application/javascript	18.65.39.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.braintreegateway.com/web/3.45.0/js/paypal-checkout.min.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.63 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-63.ams1.r.cloudfront.net Software nginx / Resource Hash 1cf7ac3019142e883a216304574ca49d6f4d0c352ecead593b0050cfcde46408 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 10:24:07 GMT content-encoding gzip last-modified Thu, 07 Apr 2022 21:24:23 GMT server nginx age 11660 etag W/"624f5687-5108" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop AMS1-P1 x-amz-cf-id RTpxQlUBzD1ygu3ZwhzIWfjQRF0hIQQvfujsNplrqloP5FPTpiPOOQ== via 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront) expires Wed, 25 May 2022 10:24:07 GMT
GET H2	200	apple-pay.min.js Show response js.braintreegateway.com/web/3.45.0/js/	18 KB 6 KB	98ms 15ms	Script application/javascript	18.65.39.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.braintreegateway.com/web/3.45.0/js/apple-pay.min.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.63 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-63.ams1.r.cloudfront.net Software nginx / Resource Hash f37ea7f6be909ffb0d76e0d146ec9211231ef5f2b670d29955c126828a93e956 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 12:48:35 GMT content-encoding gzip last-modified Thu, 07 Apr 2022 21:24:23 GMT server nginx age 2991 etag W/"624f5687-4854" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop AMS1-P1 x-amz-cf-id x1belfKNnEO7oiYnwa91-yNp2MTzdVEjU_6Z89Nu3-rO9pKLQ57TDA== via 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront) expires Wed, 25 May 2022 12:48:35 GMT
GET H2	200	TICKETING3D.js Show response tk3d.tk3dapi.com/ticketing3d/stable/	387 KB 122 KB	63ms 14ms	Script application/javascript	108.157.4.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tk3d.tk3dapi.com/ticketing3d/stable/TICKETING3D.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-16.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 69b84b4fc11e8090e4ac87cf059e280343444cbdd1f43beb94ca181a64fd532c Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Thu, 28 Apr 2022 13:46:10 GMT content-encoding gzip last-modified Wed, 10 Jul 2019 07:29:24 GMT server AmazonS3 age 2245938 etag W/"1b473b301e6e3a4b9520f49c1bc5bdff" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-P2 x-amz-cf-id FSLwN4ZzyzqDLii942VnOqyCanbMOEWm1T9FYjQIwgsSLwYKQgNZng==
GET H2	200	vendor.643667877f2eb7a081df.js Show response mpv.tickets.com/js/	716 KB 243 KB	79ms 78ms	Script application/javascript	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/js/vendor.643667877f2eb7a081df.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 1fc986ad66d193bff6ec3aaa488878c8e3a548de0361f837ee8f8e40cc907b3b Security Headers Name Value Content-Security-Policy frame-ancestors https://rewards.nationals.com Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy frame-ancestors https://rewards.nationals.com content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 247714 x-xss-protection 1; mode=block last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:27 GMT x-download-options noopen vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, no-transform, max-age=473 etag W/"b31be-180aa7c8568"
GET H2	200	app.4bd065554acf26a4f162.js Show response mpv.tickets.com/js/	1 MB 404 KB	98ms 96ms	Script application/javascript	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/js/app.4bd065554acf26a4f162.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 74b48995cd07ca17e76c6ba3f2f200dcb770eca28fb1e21cc4ef12f8d41cd4f4 Security Headers Name Value Content-Security-Policy frame-ancestors https://rewards.nationals.com Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy frame-ancestors https://rewards.nationals.com content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 412492 x-xss-protection 1; mode=block last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:27 GMT x-download-options noopen vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, no-transform, max-age=119 etag W/"166b65-180aa7c8568"
GET H2	200	app-templates.d54cf254f1ed259d807e.js Show response mpv.tickets.com/js/	650 KB 104 KB	113ms 112ms	Script application/javascript	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/js/app-templates.d54cf254f1ed259d807e.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash c02c9de3b22d735ad852340aef270d894991dbd74f39f9e180841449486c2cb8 Security Headers Name Value Content-Security-Policy frame-ancestors https://rewards.nationals.com Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy frame-ancestors https://rewards.nationals.com content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 106074 x-xss-protection 1; mode=block last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:27 GMT x-download-options noopen vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, no-transform, max-age=491 etag W/"a27e5-180aa7c8568"
GET H2	200	1b5f6a3a Show response mpv.tickets.com/akam/13/	26 KB 9 KB	139ms 139ms	Script application/javascript	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/akam/13/1b5f6a3a Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software / Resource Hash 95b4fbc97d17cbf21022e62e2b42d1311119c2b8700879aee1e6097dca035480 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 13:38:28 GMT content-encoding gzip last-modified Wed, 09 Feb 2022 15:11:13 GMT etag "76f5280fe520d9d4cc4be39c210cfbff893eed65e650371fc9ff38bae19ff962" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=0, no-cache, no-store server-timing cdn-cache; desc=HIT, edge; dur=126 content-length 8774 expires Tue, 24 May 2022 13:38:28 GMT
GET H2	200	pTPG0hPiE Show response mpv.tickets.com/v_Al42-Wto69f/KGGnpuFT4Ea/HD4/fOOptNmp9u/U3FqJk0lAg/SF/	84 KB 21 KB	123ms 122ms	Script application/javascript	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/v_Al42-Wto69f/KGGnpuFT4Ea/HD4/fOOptNmp9u/U3FqJk0lAg/SF/pTPG0hPiE Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software / Resource Hash fa43fd4073d3976c0bc94de0d58e6f81290443515528b60e80aa889fa38f80c2 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:27 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 19:29:24 GMT etag "a7a61709860c0c57ec0c92584ae4f1bc214dfc71043ea43843572e55d14841f6" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=21600 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 20456
GET H2	200	sec-3-6.css mpv.tickets.com/_sec/cp_challenge/	2 KB 846 B	67ms 67ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/_sec/cp_challenge/sec-3-6.css Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software / Resource Hash 25a7a102a22ad70761585350775304dd658ec1b2d79cfcba77d17ae70010a7c3 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:27 GMT content-encoding gzip last-modified Tue, 13 Jul 2021 22:46:43 GMT etag "95ce7e82b5c33f09c2352f308f4307302e880b8830e01ad5b27a139be7f9b862" vary Accept-Encoding content-type text/css access-control-allow-origin * server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 626
GET H2	200	sec-cpt-3-6.js Show response mpv.tickets.com/_sec/cp_challenge/	10 KB 4 KB	23ms 23ms	Script application/javascript	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/_sec/cp_challenge/sec-cpt-3-6.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software / Resource Hash 05b1cf5bf5ccce6868ffd66fb866bbaa3083ee1960776ed96fc7ad73edc15f83 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:28 GMT content-encoding gzip last-modified Tue, 13 Jul 2021 22:46:44 GMT etag "4724a5413e7eeb6a7ea3e708b5ec5140344e1b2beaefe78ca56625b328570ee0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 3547
GET H2	200	pptm.js Show response www.paypal.com/tagmanager/	12 KB 5 KB	51ms 8ms	Script application/x-javascript	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/tagmanager/pptm.js?id=mpv.tickets.com&source=checkoutjs&t=xo&v=4.0.336 Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/api/checkout.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-xns4dvTvjvxwgz1azBAnWekhzSqckv1azkV9CW5eUt+rjX6M' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-xns4dvTvjvxwgz1azBAnWekhzSqckv1azkV9CW5eUt+rjX6M' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; content-encoding gzip x-content-type-options nosniff age 1796 x-cache HIT paypal-debug-id f50403829b988 server-timing content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 4299 x-xss-protection 1; mode=block x-served-by cache-hhn4078-HHN x-timer S1653399509.698803,VS0,VE1 x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:28 GMT strict-transport-security max-age=63072000; includeSubDomains; preload content-type application/x-javascript; charset=utf-8 via 1.1 varnish cache-control public, max-age=3600 etag W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4" accept-ranges bytes x-cache-hits 2
GET H2	200	AG3BG-4ENEN-JJ23L-RGZ4A-S8MYN Show response s.go-mpulse.net/boomerang/	205 KB 49 KB	37ms 9ms	Script application/javascript	2a02:26f0:7100:1b8::11a6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.go-mpulse.net/boomerang/AG3BG-4ENEN-JJ23L-RGZ4A-S8MYN Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:7100:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:28 GMT content-encoding br last-modified Tue, 18 Jan 2022 00:41:37 GMT x-n S vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=604800 timing-allow-origin * content-length 50393
GET H2	200	gtm.js Show response www.googletagmanager.com/	130 KB 49 KB	50ms 24ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NPSNVQH Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 0c6b2fc3a1d42f57adc4bc2998b4c57f0b528964af7a60f97d5af7b6150ff509 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:28 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49494 x-xss-protection 0 last-modified Tue, 24 May 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 24 May 2022 13:38:28 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	35ms 9ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 222 date Tue, 24 May 2022 13:34:46 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 24 May 2022 15:34:46 GMT
POST H2	201	pTPG0hPiE Show response mpv.tickets.com/v_Al42-Wto69f/KGGnpuFT4Ea/HD4/fOOptNmp9u/U3FqJk0lAg/SF/	18 B 750 B	267ms 267ms	XHR application/json	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/v_Al42-Wto69f/KGGnpuFT4Ea/HD4/fOOptNmp9u/U3FqJk0lAg/SF/pTPG0hPiE Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/v_Al42-Wto69f/KGGnpuFT4Ea/HD4/fOOptNmp9u/U3FqJk0lAg/SF/pTPG0hPiE Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software / Resource Hash bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6 Request headers Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 24 May 2022 13:38:29 GMT vary Origin content-type application/json access-control-allow-origin https://mpv.tickets.com, * access-control-allow-credentials true x_req_id 25dc6382-7965-4c0b-8b69-273d090edaa1 server-timing edge; dur=17, origin; dur=235, cdn-cache; desc=MISS access-control-allow-headers Content-Type content-length 18
GET H2	200	proximanova-regular-webfont.woff2 mpv.tickets.com/style/fonts/	21 KB 21 KB	194ms 194ms	Font font/woff2	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/fonts/proximanova-regular-webfont.woff2 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/style/app-font-faces.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 39b137e5fcea119218be1c84065ab0fe6e3a59f115a50c8755ba604b6558ec96 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://mpv.tickets.com/style/app-font-faces.css Origin https://mpv.tickets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=24, origin; dur=147 content-length 21120 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx date Tue, 24 May 2022 13:38:28 GMT x-download-options noopen x-frame-options SAMEORIGIN content-type font/woff2 access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"5280-180aa7c8568" accept-ranges bytes expires Tue, 24 May 2022 13:38:28 GMT
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	157 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Content-Type image/png
GET H2	200	payframe Show response pay.google.com/gp/p/ui/ Frame 8942	18 KB 8 KB	223ms 222ms	Document text/html	2a00:1450:400c:c07::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fmpv.tickets.com&mid= Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/js/pay.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3550c78bd35929e00c6ab367fd6592b5a5c4d7d112cea71393a51123e0ff01a0 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-kX0lj1MSwSU49MWiqr0Low' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-kX0lj1MSwSU49MWiqr0Low' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mpv.tickets.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=3600 content-encoding gzip content-security-policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-kX0lj1MSwSU49MWiqr0Low' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-kX0lj1MSwSU49MWiqr0Low' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport content-type text/html; charset=utf-8 cross-origin-opener-policy same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi" cross-origin-resource-policy same-site date Tue, 24 May 2022 13:38:28 GMT expires Tue, 24 May 2022 13:38:28 GMT permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* report-to {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]} server ESF strict-transport-security max-age=31536000 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-content-type-options nosniff x-ua-compatible IE=edge x-xss-protection 0
GET H2	200	app Show response mpv.tickets.com/lang/	117 KB 118 KB	275ms 275ms	XHR application/json	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/lang/app?agency=TUBM_MYTIXX&ccid=TUBV&configKey=TUBV&locale=en_US&nocache=false&orgid=52990&version=3.1.55 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/js/vendor.643667877f2eb7a081df.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b58e1624f6dd14edafbb23ceabe3974e94b55885e40fe144753967408d92d8b8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff server nginx etag W/"1d485-tyZmYS5vSyiVqWFdYL4bdr+b24E" x-download-options noopen x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache date Tue, 24 May 2022 13:38:29 GMT x-cache-status STALE server-timing edge; dur=20, origin; dur=177, cdn-cache; desc=MISS x-dns-prefetch-control off content-length 119941 x-xss-protection 1; mode=block
GET H2	200	ts t.paypal.com/	42 B 698 B	194ms 153ms	Image image/gif	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=MyProVenue%E2%84%A2&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1653399508858&g=0&completeurl=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8F76) / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 13:38:28 GMT content-type image/gif server ECAcc (frc/8F76) strict-transport-security max-age=63072000; includeSubDomains; preload p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id ef3c99a94be4d cache-control max-age=0, no-cache, no-store, must-revalidate server-timing content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=147 timing-allow-origin * content-length 42 expires Tue, 24 May 2022 13:38:28 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	4 B 24 B	30ms 15ms	XHR text/plain	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=108801219&t=pageview&_s=1&dl=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990&ul=en-us&de=UTF-8&dt=MyProVenue%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1475639237&gjid=832357824&cid=1522092842.1653399509&tid=UA-137392018-1&_gid=1035103093.1653399509&_r=1&_slc=1&z=1294045527 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://mpv.tickets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 24 May 2022 13:38:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://mpv.tickets.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activityi;dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DT... Show response 6523831.fls.doubleclick.net/ Frame 8473 Redirect Chain https://6523831.fls.doubleclick.net/activityi;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3... https://6523831.fls.doubleclick.net/activityi;dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%...	528 B 442 B	36ms 20ms	Document text/html	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6523831.fls.doubleclick.net/activityi;dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPSNVQH Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software cafe / Resource Hash 3bbf4a84b7ed98651452a6ae987143bf126f4c774753179743f2f872d3b6d98d Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer about:blank Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-encoding gzip content-length 417 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 24 May 2022 13:38:29 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 24 May 2022 13:38:28 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://6523831.fls.doubleclick.net/activityi;dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	22ms 22ms	XHR text/plain	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=108801219&t=pageview&_s=1&dl=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990&ul=en-us&de=UTF-8&dt=MyProVenue%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=729329726&gjid=1742633181&cid=1522092842.1653399509&tid=UA-137392018-1&_gid=1035103093.1653399509&_r=1&gtm=2wg5n0NPSNVQH&z=1822986533 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://mpv.tickets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 24 May 2022 13:38:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://mpv.tickets.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 27 KB	29ms 7ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26310 x-xss-protection 0 pragma public x-fb-debug 9MNH1cYmWFyO8Z1rTiDSu0SgyDycTRWg8+lKwIdp1yxO3E6AR8fv224J7SMYcc7gjF97VYWtIcLQkyNGEgdF4w== x-fb-trip-id 686109401 x-frame-options DENY date Tue, 24 May 2022 13:38:28 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	embedder Show response chat.satis.fi/popup/	163 KB 53 KB	341ms 110ms	Script application/javascript	3.18.40.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://chat.satis.fi/popup/embedder?popupId=7552 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPSNVQH Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.18.40.154 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-18-40-154.us-east-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 6e5e398b506aa52a0ef8d57d4862e5707a196c79701e8980404f28b2c3c06924 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:29 GMT content-encoding gzip server Microsoft-IIS/10.0 x-powered-by ASP.NET etag EE0071338B850E9CAE168F6B3FB367DA vary Accept-Encoding content-type application/javascript content-length 54360
GET H/1.1	200 OK	/ servedby.ipromote.com/ad/ Redirect Chain https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI https://ib.adnxs.com/getuid?https%3A%2F%2Fservedby.ipromote.com%2Fad%2F%3Fsrc%3Dpixel_cid%26cid%3DMSSHVGMN9GI%26anuid%3D$UID https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fservedby.ipromote.com%252Fad%252F%253Fsrc%253Dpixel_cid%2526cid%253DMSSHVGMN9GI%2526anuid%253D%24UID https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI&anuid=3431559966908415315	0 459 B	176ms 176ms	Image text/plain	96.16.128.58 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI&anuid=3431559966908415315 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol HTTP/1.1 Server 96.16.128.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-128-58.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 May 2022 13:38:29 GMT Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 0 Expires Tue, 24 May 2022 13:38:29 GMT Redirect headers Pragma no-cache Date Tue, 24 May 2022 13:38:29 GMT X-Proxy-Origin 193.27.14.20; 193.27.14.20; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 45ff4718-8201-4744-89f0-0fcc9c6ed1a2 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI&anuid=3431559966908415315 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET		8ccbcfcf04bc999e pixel.sitescout.com/iap/	0 0
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 439 B	65ms 20ms	XHR text/plain	2a00:1450:400c:c0c::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-137392018-1&cid=1522092842.1653399509&jid=1475639237&gjid=832357824&_gid=1035103093.1653399509&_u=IEBAAEAAAAAAAC~&z=912454304 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://mpv.tickets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 24 May 2022 13:38:28 GMT content-type text/plain access-control-allow-origin https://mpv.tickets.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	config.json Show response c.go-mpulse.net/api/	51 B 323 B	64ms 18ms	XHR application/json	2a02:26f0:6c00:1b8::11a6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://c.go-mpulse.net/api/config.json?key=AG3BG-4ENEN-JJ23L-RGZ4A-S8MYN&d=mpv.tickets.com&t=5511332&v=1.720.0&sl=0&si=e921c64a-298f-46b4-8de5-d25cc726d830-rce383&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=462846 Requested by Host: s.go-mpulse.net URL: https://s.go-mpulse.net/boomerang/AG3BG-4ENEN-JJ23L-RGZ4A-S8MYN Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:6c00:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 08d7bead1e1a7f510450e20518938335539c0b80cd7bbb8cd51743da0f54210f Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 24 May 2022 13:38:28 GMT Cache-Control private, max-age=120, stale-while-revalidate=60, stale-if-error=120 Connection keep-alive Timing-Allow-Origin * Content-Length 51 Content-Type application/json
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 67 B	54ms 20ms	XHR text/plain	2a00:1450:400c:c0c::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-137392018-1&cid=1522092842.1653399509&jid=729329726&gjid=1742633181&_gid=1035103093.1653399509&_u=aEDAAEABAAAAAC~&z=75728784 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://mpv.tickets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 24 May 2022 13:38:28 GMT content-type text/plain access-control-allow-origin https://mpv.tickets.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	253050551728055 Show response connect.facebook.net/signals/config/	305 KB 87 KB	138ms 126ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/253050551728055?v=2.9.60&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 02ef20485680aa2098aab2ea5097d92a25e99d31e58ad969183173bb40a9f5c4 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug 5n4zMXhDPtITvfOqYAcZBHPTEStVAwVghfIcvuL4txEVpJl2tWoTOdpjsZDoZ9fq2qYz/mgjyyjJ5UosEBZbuA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Tue, 24 May 2022 13:38:29 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1653399509095 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H3	404	cspreport pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 8942	2 KB 2 KB	19ms 19ms	Other text/html	2a00:1450:400c:c07::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101 Request headers Referer https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fmpv.tickets.com&mid= accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 24 May 2022 13:38:29 GMT referrer-policy no-referrer alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1608 content-type text/html; charset=UTF-8
GET H2	200	m=_b,_tp Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame 8942	150 KB 53 KB	30ms 8ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fmpv.tickets.com&mid= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3bbc7e57510660bce536e39fa47021444210d23b2c0416c81b883670607c9366 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 23 May 2022 16:16:44 GMT content-encoding gzip x-content-type-options nosniff age 76905 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53862 x-xss-protection 0 last-modified Sat, 21 May 2022 01:25:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Tue, 23 May 2023 16:16:44 GMT
GET H2	200	dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX... Show response adservice.google.com/ddm/fls/i/ Frame E2CA	527 B 886 B	76ms 53ms	Document text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/ddm/fls/i/dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990 Requested by Host: 6523831.fls.doubleclick.net URL: https://6523831.fls.doubleclick.net/activityi;dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 552b3a65b06ea2cf9482997b862fd5d34f18cc47bfdd1b42cd0baf41ffe89667 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://6523831.fls.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-encoding gzip content-length 417 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 24 May 2022 13:38:29 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.qGP... Frame 8942	77 KB 28 KB	24ms 8ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.qGPIlRz8r4w.L.B1.O/am=DwAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfri47yGawnKFVP6Dpmz5LiVlPFId1A/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee076fefec9d9cf1e8b0e32afa11ea15131a230ccf8675270aa64469e92ffc1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 23 May 2022 16:16:44 GMT content-encoding gzip x-content-type-options nosniff age 76905 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28718 x-xss-protection 0 last-modified Fri, 20 May 2022 02:25:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Tue, 23 May 2023 16:16:44 GMT
GET H3	200	analytics.js Show response www.google-analytics.com/ Frame 8942	49 KB 20 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.qGPIlRz8r4w.L.B1.O/am=DwAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfri47yGawnKFVP6Dpmz5LiVlPFId1A/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 223 date Tue, 24 May 2022 13:34:46 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 24 May 2022 15:34:46 GMT
GET H3	200	pay Show response pay.google.com/gp/p/ui/ Frame 8942	1 MB 348 KB	78ms 77ms	XHR text/html	2a00:1450:400c:c07::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/pay Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ed61c0025b9376c68e21bfd3065c6afe64312c291614047d2e310e5a553b3523 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-zs3DzDIMK5wUkPCllnjW0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-zs3DzDIMK5wUkPCllnjW0g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy same-site alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge server ESF cross-origin-opener-policy unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi" date Tue, 24 May 2022 13:38:29 GMT x-frame-options DENY report-to {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]} content-type text/html; charset=utf-8 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site cache-control private, max-age=3600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* content-security-policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-zs3DzDIMK5wUkPCllnjW0g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-zs3DzDIMK5wUkPCllnjW0g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport expires Tue, 24 May 2022 13:38:29 GMT
GET H3	200	dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX... Show response 6523831.fls.doubleclick.net/ddm/fls/r/ Frame 63BF Redirect Chain https://adservice.google.de/ddm/fls/i/dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv... https://6523831.fls.doubleclick.net/ddm/fls/r/dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%...	886 B 574 B	26ms 26ms	Document text/html	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6523831.fls.doubleclick.net/ddm/fls/r/dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990 Requested by Host: adservice.google.com URL: https://adservice.google.com/ddm/fls/i/dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software cafe / Resource Hash 39d1458133583d54a12efdb92bd9a4431bfab05ada69c55a6a0b86ae919b6ee1 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://adservice.google.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=0 content-encoding gzip content-length 549 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 24 May 2022 13:38:29 GMT expires Tue, 24 May 2022 13:38:29 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 24 May 2022 13:38:29 GMT expires Fri, 01 Jan 1990 00:00:00 GMT location https://6523831.fls.doubleclick.net/ddm/fls/r/dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" pragma no-cache server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame 8942	131 B 155 B	57ms 41ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 24 May 2022 13:38:29 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Tue, 24 May 2022 13:38:29 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	61ms 39ms	Preflight text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 24 May 2022 13:38:29 GMT expires Tue, 24 May 2022 13:38:29 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame 8942	131 B 155 B	59ms 42ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 24 May 2022 13:38:29 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Tue, 24 May 2022 13:38:29 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	54ms 39ms	Preflight text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 24 May 2022 13:38:29 GMT expires Tue, 24 May 2022 13:38:29 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame 8942	131 B 155 B	56ms 41ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 24 May 2022 13:38:29 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Tue, 24 May 2022 13:38:29 GMT
OPTIONS H2	200	log play.google.com/ Frame	0 0	46ms 39ms	Preflight text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 24 May 2022 13:38:29 GMT expires Tue, 24 May 2022 13:38:29 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
GET H3	200	m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.qGP... Frame 8942	18 KB 7 KB	11ms 10ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.qGPIlRz8r4w.L.B1.O/am=DwAC/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfri47yGawnKFVP6Dpmz5LiVlPFId1A/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ef90e10981a394222cac522b9b4ff2c016d2a82a3fddab3c243612952d312ce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 23 May 2022 16:16:44 GMT content-encoding gzip x-content-type-options nosniff age 76905 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7428 x-xss-protection 0 last-modified Fri, 20 May 2022 02:25:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Tue, 23 May 2023 16:16:44 GMT
GET H3	200	m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.qGP... Frame 8942	37 KB 14 KB	10ms 10ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.qGPIlRz8r4w.L.B1.O/am=DwAC/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfri47yGawnKFVP6Dpmz5LiVlPFId1A/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92759b2932d017491022b2be1da8b3f95f2621a6ae27987b1fcdce9a8cb6ef72 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 23 May 2022 16:16:44 GMT content-encoding gzip x-content-type-options nosniff age 76905 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14182 x-xss-protection 0 last-modified Fri, 20 May 2022 02:25:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Tue, 23 May 2023 16:16:44 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 408 B	23ms 7ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=253050551728055&ev=PageView&dl=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990&rl=&if=false&ts=1653399509199&sw=1600&sh=1200&v=2.9.60&r=stable&ec=0&o=30&fbp=fb.1.1653399509198.1934855062&it=1653399508960&coo=false&rqm=GET Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:29 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Tue, 24 May 2022 13:38:29 GMT
POST H2	200	log Show response play.google.com/ Frame 8942	131 B 672 B	64ms 44ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 24 May 2022 13:38:29 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Tue, 24 May 2022 13:38:29 GMT
GET H2	200	aquant.js Show response secure.quantserve.com/ Frame 63BF	24 KB 10 KB	73ms 9ms	Script application/javascript	2620:116:800d:21:f916:5049:f87f:108e AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/aquant.js?a=p-M_-sPw2KcS0AJ Requested by Host: 6523831.fls.doubleclick.net URL: https://6523831.fls.doubleclick.net/ddm/fls/r/dc_pre=CIGLn5Oh-PcCFUyBUQoddOYEAg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=2735931381308;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468 Request headers accept-language de-DE,de;q=0.9 Referer https://6523831.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:29 GMT content-encoding gzip etag "u2JtyZzqnTXwzBUswy2r+w==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes expires Tue, 31 May 2022 13:38:29 GMT
POST H2	200	pixel_1b5f6a3a Show response mpv.tickets.com/akam/13/	0 649 B	40ms 40ms	XHR text/html	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/akam/13/pixel_1b5f6a3a Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/akam/13/1b5f6a3a Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers X-Sec-Clge-Req-Type ajax Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin * date Tue, 24 May 2022 13:38:29 GMT server-timing cdn-cache; desc=HIT, edge; dur=17 content-length 0 content-type text/html
GET H2	200	rules-p-M_-sPw2KcS0AJ.js rules.quantcount.com/ Frame 63BF	2 KB 1 KB	454ms 413ms	Script application/javascript	2600:9000:2315:f000:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-M_-sPw2KcS0AJ.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/aquant.js?a=p-M_-sPw2KcS0AJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:f000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://6523831.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:30 GMT content-encoding gzip last-modified Mon, 18 Mar 2019 15:03:50 GMT server AmazonS3 x-amz-cf-pop DUS51-P2 etag W/"009ac111e86128944a8cf3c9ff03be1c" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript access-control-allow-origin * cache-control max-age=3600 cross-origin-resource-policy cross-origin x-cache RefreshHit from cloudfront x-amz-cf-id Tr0eKi6bGN9bd6A5CEdjcW1VhK8_mgmcgptXpQntQWZ9VO361BSbVA== via 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront)
GET H2	200	GetCSS chat.satis.fi/popup/	52 KB 4 KB	108ms 108ms	Stylesheet text/css	3.18.40.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://chat.satis.fi/popup/GetCSS Requested by Host: chat.satis.fi URL: https://chat.satis.fi/popup/embedder?popupId=7552 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.18.40.154 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-18-40-154.us-east-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 5d751e5212eeb8836cb94a9feb3b0983981fe1eba8535c65a5e8c1c476179368 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:29 GMT content-encoding gzip server Microsoft-IIS/10.0 x-powered-by ASP.NET etag EE0071338B850E9CAE168F6B3FB367DA vary Accept-Encoding content-type text/css content-length 4370
GET		GetAWSConfig chat.satis.fi/Default/	0 0
OPTIONS H2	200	logger www.paypal.com/xoplatform/logger/api/ Frame	0 0	202ms 188ms	Preflight	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type,x-app-name,x-requested-with Access-Control-Request-Method POST Origin https://mpv.tickets.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers accept-ranges none access-control-allow-credentials true access-control-allow-headers content-type,x-app-name,x-requested-with access-control-allow-methods POST access-control-allow-origin https://mpv.tickets.com cache-control max-age=0, no-cache, no-store, must-revalidate content-encoding br date Tue, 24 May 2022 13:38:29 GMT dc ccg11-origin-www-1.paypal.com paypal-debug-id f7597562f0339 server-timing content-encoding;desc="",x-cdn;desc="fastly" strict-transport-security max-age=63072000; includeSubDomains; preload vary accept-encoding via 1.1 varnish x-cache MISS x-cache-hits 0 x-content-type-options nosniff x-served-by cache-hhn4046-HHN x-timer S1653399510.639299,VS0,VE180
GET H2	200	/ Show response mpv.tickets.com/ticketmanagement/	27 KB 11 KB	183ms 183ms	Document text/html	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/js/app.4bd065554acf26a4f162.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 32aa7a02b7e8a99b005e439cdc77417e8ee6e6dfa8afbe473c4ef3104ba0d40a Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control no-cache, no-store content-encoding gzip content-length 10238 content-type text/html; charset=utf-8 date Tue, 24 May 2022 13:38:29 GMT etag W/"5801-GRYHUZNBpsMxexs2JMH2eyDeeSI" server nginx server-timing edge; dur=3 origin; dur=163 cdn-cache; desc=MISS strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding x-akamai-transformed 9 - 0 pmb=mTOE,2mRUM,1 x-cache-status MISS x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
POST		logger www.paypal.com/xoplatform/logger/api/	0 0
GET		TUBV_90x90.png akamai-tickets.akamaized.net/images/primarysales/mtm/	0 0
GET		proximanova-semibold-webfont.woff2 mpv.tickets.com/style/fonts/	0 0
GET		glyphicons-halflings-regular.woff2 mpv.tickets.com/style/fonts/	0 0
GET		icomoon.woff mpv.tickets.com/style/fonts/	0 0
GET		pixel;r=477575182;labels=_fp.event.Default;rf=0;a=p-M_-sPw2KcS0AJ;url=https%3A%2F%2F6523831.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIGLn5Oh-PcCFUyBUQoddOYEAg%3Bsrc%3D6523831%3Btype%3Dcounte... pixel.quantserve.com/ Frame 63BF	0 0
OPTIONS H2	200	logger www.paypal.com/xoplatform/logger/api/ Frame	0 0	183ms 183ms	Preflight	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/xoplatform/logger/api/logger Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept */* Access-Control-Request-Headers content-type,x-app-name,x-requested-with Access-Control-Request-Method POST Origin https://mpv.tickets.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers accept-ranges none access-control-allow-credentials true access-control-allow-headers content-type,x-app-name,x-requested-with access-control-allow-methods POST access-control-allow-origin https://mpv.tickets.com cache-control max-age=0, no-cache, no-store, must-revalidate content-encoding br date Tue, 24 May 2022 13:38:29 GMT dc ccg11-origin-www-1.paypal.com paypal-debug-id f75975653650e server-timing content-encoding;desc="",x-cdn;desc="fastly" strict-transport-security max-age=63072000; includeSubDomains; preload vary accept-encoding via 1.1 varnish x-cache MISS x-cache-hits 0 x-content-type-options nosniff x-served-by cache-hhn4046-HHN x-timer S1653399510.817330,VS0,VE176
POST		logger www.paypal.com/xoplatform/logger/api/	0 0
GET		proximanova-semibold-webfont.woff mpv.tickets.com/style/fonts/	0 0
GET		glyphicons-halflings-regular.woff mpv.tickets.com/style/fonts/	0 0
GET H2	200	ultra.style.css mpv.tickets.com/style/client/	7 KB 2 KB	26ms 24ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/client/ultra.style.css?styleKey=TUBV Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 83e9bef42ded14b9565fcdb8c38f7f1126d33a873e5096756510d8a0a1be7401 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-cache-status MISS x-dns-prefetch-control off server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 1419 x-xss-protection 1; mode=block server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:29 GMT x-download-options noopen vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, no-transform, max-age=298
GET H2	200	mpv-unified-design.css mpv.tickets.com/style/	38 KB 8 KB	227ms 225ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/mpv-unified-design.css Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b78d428782988ebf60f99cd04fbb3c6ed5a2b76a2e63af33b87f18dfd225eac9 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=26, origin; dur=151 content-length 7447 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:30 GMT x-download-options noopen vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"996d-180aa7c8568" expires Tue, 24 May 2022 13:38:30 GMT
GET H2	200	ticketmanagement-page.css mpv.tickets.com/style/	23 KB 6 KB	250ms 248ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/ticketmanagement-page.css Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 75ff6d9b88fe54b33127073d8d8b4af49b943090d230830d8f29105633d3bb2c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=30, origin; dur=151 content-length 5210 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:30 GMT x-download-options noopen vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"5cd3-180aa7c8568" expires Tue, 24 May 2022 13:38:30 GMT
GET H3	200	platform.js Show response apis.google.com/js/	52 KB 20 KB	33ms 15ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/platform.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash da1240738eef80e8630a5749b9258e33d7669859ba8a5ed1da81978092ed03af Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20361 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" date Tue, 24 May 2022 13:38:29 GMT vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 etag "2cdff035295781be" accept-ranges bytes timing-allow-origin * expires Tue, 24 May 2022 13:38:29 GMT
GET H2	200	ticketmanagement-page.0068359bd9cc2afccb12.js Show response mpv.tickets.com/js/	2 MB 407 KB	821ms 820ms	Script application/javascript	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/js/ticketmanagement-page.0068359bd9cc2afccb12.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 020d8927d52261db4e216dfa1a3d1b9fad0925a5a8a855072e602f3a8231e5f6 Security Headers Name Value Content-Security-Policy frame-ancestors https://rewards.nationals.com Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy frame-ancestors https://rewards.nationals.com content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=REVALIDATE, edge; dur=22, origin; dur=723 content-length 415150 x-xss-protection 1; mode=block last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:30 GMT x-download-options noopen vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, no-transform, max-age=865 etag W/"1a4a0f-180aa7c8568"
GET H2	200	pTPG0hPiE Show response mpv.tickets.com/v_Al42-Wto69f/KGGnpuFT4Ea/HD4/fOOptNmp9u/U3FqJk0lAg/SF/	84 KB 20 KB	93ms 92ms	Script application/javascript	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/v_Al42-Wto69f/KGGnpuFT4Ea/HD4/fOOptNmp9u/U3FqJk0lAg/SF/pTPG0hPiE Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software / Resource Hash fa43fd4073d3976c0bc94de0d58e6f81290443515528b60e80aa889fa38f80c2 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:29 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 19:29:24 GMT etag "a7a61709860c0c57ec0c92584ae4f1bc214dfc71043ea43843572e55d14841f6" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=21600 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 20456
GET H2	200	sec-3-6.css mpv.tickets.com/_sec/cp_challenge/	2 KB 846 B	65ms 64ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/_sec/cp_challenge/sec-3-6.css Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software / Resource Hash 25a7a102a22ad70761585350775304dd658ec1b2d79cfcba77d17ae70010a7c3 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:29 GMT content-encoding gzip last-modified Tue, 13 Jul 2021 22:46:43 GMT etag "95ce7e82b5c33f09c2352f308f4307302e880b8830e01ad5b27a139be7f9b862" vary Accept-Encoding content-type text/css access-control-allow-origin * server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 626
GET H2	200	sec-cpt-3-6.js Show response mpv.tickets.com/_sec/cp_challenge/	10 KB 4 KB	18ms 17ms	Script application/javascript	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/_sec/cp_challenge/sec-cpt-3-6.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software / Resource Hash 05b1cf5bf5ccce6868ffd66fb866bbaa3083ee1960776ed96fc7ad73edc15f83 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:30 GMT content-encoding gzip last-modified Tue, 13 Jul 2021 22:46:44 GMT etag "4724a5413e7eeb6a7ea3e708b5ec5140344e1b2beaefe78ca56625b328570ee0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 3547
GET H2	200	AG3BG-4ENEN-JJ23L-RGZ4A-S8MYN Show response s.go-mpulse.net/boomerang/	205 KB 50 KB	8ms 8ms	Script application/javascript	2a02:26f0:7100:1b8::11a6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.go-mpulse.net/boomerang/AG3BG-4ENEN-JJ23L-RGZ4A-S8MYN Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:7100:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:30 GMT content-encoding br last-modified Tue, 18 Jan 2022 00:41:37 GMT x-n S vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=604800 timing-allow-origin * content-length 50393
GET H3	200	gtm.js Show response www.googletagmanager.com/	130 KB 48 KB	42ms 25ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NPSNVQH Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 970c0c18bdf8d4337c75790f4d427a0e3c6691d014eeb62188edc2b607e715c4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:30 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49500 x-xss-protection 0 last-modified Tue, 24 May 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 24 May 2022 13:38:30 GMT
GET H3	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 224 date Tue, 24 May 2022 13:34:46 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 24 May 2022 15:34:46 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	14ms 14ms	XHR text/plain	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=156340182&t=pageview&_s=1&dl=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990&ul=en-us&de=UTF-8&dt=Ticket%20Administration%20%7C%20MyProVenue%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEABAAAAAC~&jid=&gjid=&cid=1522092842.1653399509&tid=UA-137392018-1&_gid=1035103093.1653399509&_slc=1&z=1495749208 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://mpv.tickets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 24 May 2022 13:38:30 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://mpv.tickets.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activityi;dc_pre=CMyb7pOh-PcCFSAHBgAdzpQKXg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=1389480194142;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagem... Show response 6523831.fls.doubleclick.net/ Frame 05DE Redirect Chain https://6523831.fls.doubleclick.net/activityi;src=6523831;type=counter0;cat=tulsa17;ord=1;num=1389480194142;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2Fticketmanag... https://6523831.fls.doubleclick.net/activityi;dc_pre=CMyb7pOh-PcCFSAHBgAdzpQKXg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=1389480194142;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%...	1 KB 760 B	23ms 23ms	Document text/html	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6523831.fls.doubleclick.net/activityi;dc_pre=CMyb7pOh-PcCFSAHBgAdzpQKXg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=1389480194142;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPSNVQH Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software cafe / Resource Hash 87afa4c757864f13e59766ff85947e290133d3b917b5f4b0d50b42859033e00f Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer about:blank Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=0 content-encoding gzip content-length 737 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 24 May 2022 13:38:30 GMT expires Tue, 24 May 2022 13:38:30 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 24 May 2022 13:38:30 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://6523831.fls.doubleclick.net/activityi;dc_pre=CMyb7pOh-PcCFSAHBgAdzpQKXg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=1389480194142;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 26 KB	8ms 8ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26310 x-xss-protection 0 pragma public x-fb-debug 9MNH1cYmWFyO8Z1rTiDSu0SgyDycTRWg8+lKwIdp1yxO3E6AR8fv224J7SMYcc7gjF97VYWtIcLQkyNGEgdF4w== x-frame-options DENY date Tue, 24 May 2022 13:38:30 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	embedder Show response chat.satis.fi/popup/	163 KB 53 KB	109ms 108ms	Script application/javascript	3.18.40.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://chat.satis.fi/popup/embedder?popupId=7552 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPSNVQH Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.18.40.154 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-18-40-154.us-east-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 6e5e398b506aa52a0ef8d57d4862e5707a196c79701e8980404f28b2c3c06924 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:30 GMT content-encoding gzip server Microsoft-IIS/10.0 x-powered-by ASP.NET etag EE0071338B850E9CAE168F6B3FB367DA vary Accept-Encoding content-type application/javascript content-length 54360
GET H3	200	collect www.google-analytics.com/	35 B 55 B	9ms 9ms	Image image/gif	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=156340182&t=pageview&_s=1&dl=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990&ul=en-us&de=UTF-8&dt=Ticket%20Administration%20%7C%20MyProVenue%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAEABAAAAAC~&jid=&gjid=&cid=1522092842.1653399509&tid=UA-137392018-1&_gid=1035103093.1653399509&gtm=2wg5n0NPSNVQH&z=167718369 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Mon, 23 May 2022 22:47:34 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 53456 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ servedby.ipromote.com/ad/ Redirect Chain https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI https://ib.adnxs.com/getuid?https%3A%2F%2Fservedby.ipromote.com%2Fad%2F%3Fsrc%3Dpixel_cid%26cid%3DMSSHVGMN9GI%26anuid%3D$UID https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI&anuid=3431559966908415315	0 459 B	191ms 191ms	Image text/plain	96.16.128.58 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI&anuid=3431559966908415315 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Protocol HTTP/1.1 Server 96.16.128.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-128-58.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 May 2022 13:38:30 GMT Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 0 Expires Tue, 24 May 2022 13:38:30 GMT Redirect headers Pragma no-cache Date Tue, 24 May 2022 13:38:30 GMT X-Proxy-Origin 193.27.14.20; 193.27.14.20; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid fdc0a90e-a2e8-4df4-a878-0bf4fd60d517 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI&anuid=3431559966908415315 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET		8ccbcfcf04bc999e pixel.sitescout.com/iap/	0 0
GET H3	200	253050551728055 Show response connect.facebook.net/signals/config/	305 KB 87 KB	12ms 11ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/253050551728055?v=2.9.60&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 02ef20485680aa2098aab2ea5097d92a25e99d31e58ad969183173bb40a9f5c4 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 88792 x-xss-protection 0 pragma public x-fb-debug 5n4zMXhDPtITvfOqYAcZBHPTEStVAwVghfIcvuL4txEVpJl2tWoTOdpjsZDoZ9fq2qYz/mgjyyjJ5UosEBZbuA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Tue, 24 May 2022 13:38:30 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	17ms 8ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=253050551728055&ev=PageView&dl=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990%23&rl=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990&if=false&ts=1653399510324&sw=1600&sh=1200&v=2.9.60&r=stable&ec=0&o=30&fbp=fb.1.1653399509198.1934855062&it=1653399510289&coo=false&rqm=GET Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:30 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Tue, 24 May 2022 13:38:30 GMT
GET H3	200	dc_pre=CMyb7pOh-PcCFSAHBgAdzpQKXg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=1389480194142;gtm=2wg5n0;auiddc=*;~oref=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%... adservice.google.com/ddm/fls/z/ Frame 05DE	42 B 63 B	71ms 52ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CMyb7pOh-PcCFSAHBgAdzpQKXg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=1389480194142;gtm=2wg5n0;auiddc=*;~oref=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990 Requested by Host: 6523831.fls.doubleclick.net URL: https://6523831.fls.doubleclick.net/activityi;dc_pre=CMyb7pOh-PcCFSAHBgAdzpQKXg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=1389480194142;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990? Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6523831.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 13:38:30 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	aquant.js Show response secure.quantserve.com/ Frame 05DE	24 KB 10 KB	10ms 10ms	Script application/javascript	2620:116:800d:21:f916:5049:f87f:108e AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/aquant.js?a=p-M_-sPw2KcS0AJ Requested by Host: 6523831.fls.doubleclick.net URL: https://6523831.fls.doubleclick.net/activityi;dc_pre=CMyb7pOh-PcCFSAHBgAdzpQKXg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=1389480194142;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468 Request headers accept-language de-DE,de;q=0.9 Referer https://6523831.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:30 GMT content-encoding gzip etag "u2JtyZzqnTXwzBUswy2r+w==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes expires Tue, 31 May 2022 13:38:30 GMT
GET H2	200	rules-p-M_-sPw2KcS0AJ.js Show response rules.quantcount.com/ Frame 05DE	2 KB 1 KB	11ms 10ms	Script application/javascript	2600:9000:2315:f000:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-M_-sPw2KcS0AJ.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/aquant.js?a=p-M_-sPw2KcS0AJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:f000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 84f708daa18956ebd61085541e9c87b5af56213b1c22b6795530c02ff56b6602 Request headers accept-language de-DE,de;q=0.9 Referer https://6523831.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:30 GMT content-encoding gzip age 1 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin access-control-allow-origin * last-modified Mon, 18 Mar 2019 15:03:50 GMT server AmazonS3 etag W/"009ac111e86128944a8cf3c9ff03be1c" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript via 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop DUS51-P2 x-amz-cf-id BE1Wppy50WCikGR4dpuM2QM2zmQi73GVfPqEfDDEU7iHnXe7Rc00gA==
GET H2	200	pixel;r=657650232;labels=_fp.event.Default;rf=0;a=p-M_-sPw2KcS0AJ;url=https%3A%2F%2F6523831.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMyb7pOh-PcCFSAHBgAdzpQKXg%3Bsrc%3D6523831%3Btype%3Dcounter0%3... pixel.quantserve.com/ Frame 05DE	35 B 373 B	12ms 12ms	Image image/gif	2620:116:800d:21:ee05:6a01:4b41:8c89 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=657650232;labels=_fp.event.Default;rf=0;a=p-M_-sPw2KcS0AJ;url=https%3A%2F%2F6523831.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMyb7pOh-PcCFSAHBgAdzpQKXg%3Bsrc%3D6523831%3Btype%3Dcounter0%3Bcat%3Dtulsa17%3Bord%3D1%3Bnum%3D1389480194142%3Bgtm%3D2wg5n0%3Bauiddc%3D1738165070.1653399509%3B~oref%3Dhttps%253A%252F%252Fmpv.tickets.com%252Fticketmanagement%252F%253Fagency%253DTUBM_MYTIXX%2526orgid%253D52990%3F;ref=https%3A%2F%2Fmpv.tickets.com%2F;uht=2;fpan=1;fpa=P0-400069495-1653399510362;pbc=;ns=1;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;d=6523831.fls.doubleclick.net;je=0;sr=1600x1200x24;dst=0;et=1653399510362;tzo=0;ogl= Requested by Host: 6523831.fls.doubleclick.net URL: https://6523831.fls.doubleclick.net/activityi;dc_pre=CMyb7pOh-PcCFSAHBgAdzpQKXg;src=6523831;type=counter0;cat=tulsa17;ord=1;num=1389480194142;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://6523831.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 13:38:30 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	GetCSS chat.satis.fi/popup/	52 KB 4 KB	111ms 111ms	Stylesheet text/css	3.18.40.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://chat.satis.fi/popup/GetCSS Requested by Host: chat.satis.fi URL: https://chat.satis.fi/popup/embedder?popupId=7552 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.18.40.154 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-18-40-154.us-east-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 5d751e5212eeb8836cb94a9feb3b0983981fe1eba8535c65a5e8c1c476179368 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:30 GMT content-encoding gzip server Microsoft-IIS/10.0 x-powered-by ASP.NET etag EE0071338B850E9CAE168F6B3FB367DA vary Accept-Encoding content-type text/css content-length 4370
GET H2	200	GetAWSConfig Show response chat.satis.fi/Default/	187 B 369 B	110ms 110ms	Fetch application/json	3.18.40.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://chat.satis.fi/Default/GetAWSConfig Requested by Host: chat.satis.fi URL: https://chat.satis.fi/popup/embedder?popupId=7552 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.18.40.154 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-18-40-154.us-east-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b7901ec5fc66799d855b5478364c5f391b7d6fe3e1d911a282371e4d66128dc3 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers access-control-allow-origin https://mpv.tickets.com date Tue, 24 May 2022 13:38:30 GMT access-control-allow-credentials true server Microsoft-IIS/10.0 x-powered-by ASP.NET content-type application/json; charset=utf-8
GET H2	200	PopupConfig-7552.js Show response d2zi7r1qsrih6r.cloudfront.net/ClientAssets/PopupConfigs/	1 KB 2 KB	38ms 9ms	Script application/x-javascript	2600:9000:2156:cc00:2:e9fc:a0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2zi7r1qsrih6r.cloudfront.net/ClientAssets/PopupConfigs/PopupConfig-7552.js?v=39f1c840-0ab2-47ba-99b1-875a9d72b2d3 Requested by Host: chat.satis.fi URL: https://chat.satis.fi/popup/embedder?popupId=7552 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:cc00:2:e9fc:a0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c63a37a1d40fd7d4cf29eae6ac0a9b99ff903b233f9d2ed74d2d301a4b31741d Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 24 May 2022 02:21:23 GMT via 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront) last-modified Fri, 01 Apr 2022 12:28:50 GMT server AmazonS3 age 40628 etag "ff7f45a38973f10a07242d71c58bf39e" x-cache Hit from cloudfront content-type application/x-javascript x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 1290 x-amz-cf-id RbD54ry-ZhBilIqVsodHIM93W6AVcA0hERaw51VveEpGbi3MKUG0Eg==
GET H2	200	popuptheme-3574.css Show response d2zi7r1qsrih6r.cloudfront.net/ClientAssets/ThemeFiles/	2 KB 2 KB	42ms 25ms	Fetch text/css	2600:9000:2156:cc00:2:e9fc:a0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2zi7r1qsrih6r.cloudfront.net/ClientAssets/ThemeFiles/popuptheme-3574.css?v=186ec464-375e-46f2-9167-5a922a3fceaf Requested by Host: chat.satis.fi URL: https://chat.satis.fi/popup/embedder?popupId=7552 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:cc00:2:e9fc:a0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f4de43bda6bda2389926ef84d20d51becc1ff7b505084aa5bfd0813668dc57a6 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 23 May 2022 14:22:15 GMT via 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront) vary Origin age 83776 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 1890 last-modified Fri, 01 Apr 2022 12:28:15 GMT server AmazonS3 etag "1b4bcb8f343fcb829b2533bc0e2ddd57" access-control-max-age 1800 access-control-allow-methods GET content-type text/css access-control-allow-origin * x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id BlRZfE67ar7jyvaRfyB2C9B3Zj4RzncGOeRMa2Ix7DFYKpIBvmC6yg==
GET H2	200	proximanova-regular-webfont.woff2 mpv.tickets.com/style/fonts/	21 KB 21 KB	175ms 175ms	Font font/woff2	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/fonts/proximanova-regular-webfont.woff2 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/style/mpv-unified-design.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://mpv.tickets.com/style/mpv-unified-design.css Origin https://mpv.tickets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=9, origin; dur=147 content-length 21120 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx date Tue, 24 May 2022 13:38:30 GMT x-download-options noopen x-frame-options SAMEORIGIN content-type font/woff2 access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"5280-180aa7c8568" accept-ranges bytes expires Tue, 24 May 2022 13:38:30 GMT
GET H2	200	Roboto-Regular.ttf d2zi7r1qsrih6r.cloudfront.net/ClientAssets/Fonts/	159 KB 160 KB	11ms 11ms	Font binary/octet-stream	2600:9000:2156:cc00:2:e9fc:a0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2zi7r1qsrih6r.cloudfront.net/ClientAssets/Fonts/Roboto-Regular.ttf Requested by Host: chat.satis.fi URL: https://chat.satis.fi/popup/GetCSS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:cc00:2:e9fc:a0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54 Request headers Referer https://chat.satis.fi/ Origin https://mpv.tickets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 05:14:11 GMT via 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront) age 30260 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 1800 content-length 162876 last-modified Fri, 10 Apr 2020 14:36:49 GMT server AmazonS3 etag "ac3f799d5bbaf5196fab15ab8de8431c" vary Origin access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id AwZU-wBqX__BVVBGZuK58zRo1IXQsIEX5PB3zSOGt_Kx3kLtzJOUaA==
GET H2	200	/ mpv.tickets.com/lang/app/	117 KB 118 KB	166ms 166ms	XHR application/json	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/lang/app/?ccid=TUBV&orgid=52990&agency=TUBM_MYTIXX&locale=en_US Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/js/ticketmanagement-page.0068359bd9cc2afccb12.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff server nginx etag W/"1d485-tyZmYS5vSyiVqWFdYL4bdr+b24E" x-download-options noopen x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache date Tue, 24 May 2022 13:38:30 GMT x-cache-status STALE server-timing edge; dur=1, origin; dur=148, cdn-cache; desc=MISS x-dns-prefetch-control off content-length 119941 x-xss-protection 1; mode=block
GET H2	200	Primary Request / Show response mpv.tickets.com/	27 KB 11 KB	292ms 291ms	Document text/html	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/js/ticketmanagement-page.0068359bd9cc2afccb12.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 8f714c6727b439a7c5a811f62572fe9cb610ca68e84c8ecb3db1f9411bedce78 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://mpv.tickets.com/ticketmanagement/?agency=TUBM_MYTIXX&orgid=52990 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers access-control-allow-origin * cache-control no-cache, no-store content-encoding gzip content-length 10633 content-type text/html; charset=utf-8 date Tue, 24 May 2022 13:38:31 GMT etag W/"5a5e-yq+9xpvh1v/Y6olD0kruK7iIJnU" server nginx server-timing edge; dur=3 origin; dur=268 cdn-cache; desc=MISS strict-transport-security max-age=15552000; includeSubDomains vary Accept-Encoding x-akamai-transformed 9 - 0 pmb=mTOE,2mRUM,1 x-cache-status MISS x-content-type-options nosniff x-dns-prefetch-control off x-download-options noopen x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	8ms 8ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=253050551728055&ev=PageView&dl=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990%23%2F&rl=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990&if=false&ts=1653399510823&sw=1600&sh=1200&v=2.9.60&r=stable&ec=1&o=30&fbp=fb.1.1653399509198.1934855062&it=1653399510289&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:30 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Tue, 24 May 2022 13:38:30 GMT
GET H/1.1	200 OK	TUBV_90x90.png akamai-tickets.akamaized.net/images/primarysales/mtm/	11 KB 11 KB	39ms 13ms	Image image/png	23.216.77.210 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://akamai-tickets.akamaized.net/images/primarysales/mtm/TUBV_90x90.png Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/style/client/ultra.style.css?styleKey=TUBV Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 23.216.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-216-77-210.deploy.static.akamaitechnologies.com Software nginx / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 13:38:31 GMT Last-Modified Thu, 06 Jan 2022 18:49:17 GMT Server nginx ETag "61d739ad-2a42" Content-Type image/png Cache-Control public, max-age=1799 Connection keep-alive Accept-Ranges bytes Content-Length 10818
GET		icomoon.woff mpv.tickets.com/style/fonts/	0 0
GET		proximanova-semibold-webfont.woff2 mpv.tickets.com/style/fonts/	0 0
GET		proximanova-semibold-webfont.woff mpv.tickets.com/style/fonts/	0 0
GET H2	200	vendor-styles.css mpv.tickets.com/style/	158 KB 26 KB	205ms 200ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/vendor-styles.css Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash a5ab7ec9e19fed0380c8f6ced1bc8646126be19bc9c1446c2528801d725b5c3e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=33, origin; dur=151 content-length 25830 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:31 GMT x-download-options noopen vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"2778b-180aa7c8568" expires Tue, 24 May 2022 13:38:31 GMT
GET H2	200	app-font-faces.css mpv.tickets.com/style/	2 KB 745 B	184ms 177ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/app-font-faces.css Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 5812bd156493f9b5ecf4b219b775073bb8e6d7bddc1879813bd3018903537d9c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=9, origin; dur=145 content-length 293 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:31 GMT x-download-options noopen vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"63c-180aa7c8568" expires Tue, 24 May 2022 13:38:31 GMT
GET H2	200	mpv-unified-design.css mpv.tickets.com/style/	38 KB 8 KB	865ms 859ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/mpv-unified-design.css Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b78d428782988ebf60f99cd04fbb3c6ed5a2b76a2e63af33b87f18dfd225eac9 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=100, origin; dur=719 content-length 7447 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:31 GMT x-download-options noopen vary Accept-Encoding content-type text/css; charset=UTF-8 access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"996d-180aa7c8568" expires Tue, 24 May 2022 13:38:31 GMT
GET H2	200	client.style.css mpv.tickets.com/style/client/	325 KB 47 KB	59ms 51ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/client/client.style.css?styleKey=TUBV&version=3.1.55 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash e31fa412eba0b2a36d89f29f626f786f924e39626afe5a5a0d42788348f24997 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 47836 x-xss-protection 1; mode=block server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:31 GMT x-download-options noopen vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, no-transform, max-age=295
GET H2	200	ultra.style.css mpv.tickets.com/style/client/	7 KB 2 KB	89ms 81ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/client/ultra.style.css?styleKey=TUBV Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 83e9bef42ded14b9565fcdb8c38f7f1126d33a873e5096756510d8a0a1be7401 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains content-encoding gzip x-content-type-options nosniff x-cache-status MISS x-dns-prefetch-control off server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 1419 x-xss-protection 1; mode=block server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:31 GMT x-download-options noopen vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, no-transform, max-age=296
GET H2	200	client.min.js Show response js.braintreegateway.com/web/3.45.0/js/	39 KB 12 KB	27ms 20ms	Script application/javascript	18.65.39.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.braintreegateway.com/web/3.45.0/js/client.min.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.63 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-63.ams1.r.cloudfront.net Software nginx / Resource Hash a7b47430bb894bb0cb26cc82a738586d5f6f09e3eff4e752c6b91e059eb6f0ab Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 09:41:27 GMT content-encoding gzip last-modified Thu, 07 Apr 2022 21:24:22 GMT server nginx age 14502 etag W/"624f5686-9b8f" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop AMS1-P1 x-amz-cf-id p3I3-0UCqm7iw1PesYutr4CurrjFB7UOyLFSRR7OT_78Tq-tSHmIaA== via 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront) expires Wed, 25 May 2022 09:36:49 GMT
GET H3	200	pay.js Show response pay.google.com/gp/p/js/	95 KB 30 KB	76ms 71ms	Script application/javascript	2a00:1450:400c:c07::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/js/pay.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 04e84921e6e976280e3e76c27ae42071b5140e57e20c4176996e4b50fdd72022 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-FikgU3lVcfk9vW4yjcEKcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-FikgU3lVcfk9vW4yjcEKcw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:31 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 server ESF cross-origin-opener-policy same-origin; report-to="InstantbuyFrontendHttp" x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 report-to {"group":"InstantbuyFrontendHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendHttp/external"}]} content-type application/javascript; charset=utf-8 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site cache-control private, max-age=600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* content-security-policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-FikgU3lVcfk9vW4yjcEKcw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'nonce-FikgU3lVcfk9vW4yjcEKcw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport expires Tue, 24 May 2022 13:38:31 GMT
GET H2	200	google-payment.min.js Show response js.braintreegateway.com/web/3.45.0/js/	20 KB 7 KB	23ms 16ms	Script application/javascript	18.65.39.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.braintreegateway.com/web/3.45.0/js/google-payment.min.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.63 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-63.ams1.r.cloudfront.net Software nginx / Resource Hash 8048dcd96ad7f2f8e681dd3cbc05c56277deef89ee69c403fd2844901bed58aa Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 10:07:00 GMT content-encoding gzip last-modified Thu, 07 Apr 2022 21:24:23 GMT server nginx age 12691 etag W/"624f5687-5079" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop AMS1-P1 x-amz-cf-id Esiqrd2TS8wOpAeVpsO5kvtMtM-5P1YQpqsOBWenhVrzbGXehESl-Q== via 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront) expires Wed, 25 May 2022 10:07:00 GMT
GET H3	200	platform.js Show response apis.google.com/js/	52 KB 20 KB	29ms 24ms	Script text/javascript	2a00:1450:4001:831::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/platform.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash da1240738eef80e8630a5749b9258e33d7669859ba8a5ed1da81978092ed03af Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20361 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" date Tue, 24 May 2022 13:38:31 GMT vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 etag "2cdff035295781be" accept-ranges bytes timing-allow-origin * expires Tue, 24 May 2022 13:38:31 GMT
GET H2	200	checkout.js Show response www.paypalobjects.com/api/	1 MB 235 KB	13ms 7ms	Script application/javascript	151.101.130.133 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypalobjects.com/api/checkout.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.130.133 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 507b7a3d5ee5da4ca209424709b37980ea825978862a8913d048e8d6e652777d Security Headers Name Value Strict-Transport-Security max-age=31557600 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:31 GMT content-encoding gzip x-content-type-options nosniff access-control-allow-origin * x-cache HIT, HIT paypal-debug-id 40438cc6522a4 dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 239948 x-served-by cache-sjc10080-SJC, cache-hhn4055-HHN last-modified Mon, 25 Apr 2022 17:04:48 GMT x-timer S1653399511.121185,VS0,VE0 etag W/"6266d4b0-16d23e" strict-transport-security max-age=31557600 access-control-allow-methods GET content-type application/javascript; charset=utf-8 via 1.1 varnish, 1.1 varnish cache-control s-maxage=31536000, public,max-age=3600 accept-ranges bytes timing-allow-origin https://www.paypal.com,https://www.sandbox.paypal.com access-control-allow-headers x-csrf-token x-cache-hits 59, 30427
GET H2	200	paypal-checkout.min.js Show response js.braintreegateway.com/web/3.45.0/js/	20 KB 7 KB	26ms 20ms	Script application/javascript	18.65.39.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.braintreegateway.com/web/3.45.0/js/paypal-checkout.min.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.63 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-63.ams1.r.cloudfront.net Software nginx / Resource Hash 1cf7ac3019142e883a216304574ca49d6f4d0c352ecead593b0050cfcde46408 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 10:24:07 GMT content-encoding gzip last-modified Thu, 07 Apr 2022 21:24:23 GMT server nginx age 11664 etag W/"624f5687-5108" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop AMS1-P1 x-amz-cf-id crSgr7guhNrBLjPU_OjAkD2C0J26aRRJnnNuNnSeKbH56kmqSKQ8cA== via 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront) expires Wed, 25 May 2022 10:24:07 GMT
GET H2	200	apple-pay.min.js Show response js.braintreegateway.com/web/3.45.0/js/	18 KB 6 KB	26ms 20ms	Script application/javascript	18.65.39.63 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.braintreegateway.com/web/3.45.0/js/apple-pay.min.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.39.63 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-39-63.ams1.r.cloudfront.net Software nginx / Resource Hash f37ea7f6be909ffb0d76e0d146ec9211231ef5f2b670d29955c126828a93e956 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 12:48:35 GMT content-encoding gzip last-modified Thu, 07 Apr 2022 21:24:23 GMT server nginx age 2995 etag W/"624f5687-4854" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript access-control-allow-origin * cache-control max-age=86400 x-amz-cf-pop AMS1-P1 x-amz-cf-id TOeDaMuYd1KJffx34M0h0vgQNzEzb6SXp1hkza1p0fF-PPeUtOjUYw== via 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront) expires Wed, 25 May 2022 12:48:35 GMT
GET H2	200	TICKETING3D.js Show response tk3d.tk3dapi.com/ticketing3d/stable/	387 KB 122 KB	15ms 9ms	Script application/javascript	108.157.4.16 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tk3d.tk3dapi.com/ticketing3d/stable/TICKETING3D.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-16.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 69b84b4fc11e8090e4ac87cf059e280343444cbdd1f43beb94ca181a64fd532c Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Thu, 28 Apr 2022 13:46:10 GMT content-encoding gzip last-modified Wed, 10 Jul 2019 07:29:24 GMT server AmazonS3 age 2245942 etag W/"1b473b301e6e3a4b9520f49c1bc5bdff" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 67b4a3e116ddb07b50403935474117c6.cloudfront.net (CloudFront) x-amz-cf-pop DUS51-P2 x-amz-cf-id ICVNY6myFqyXF2XX3uxTDOjY6uPpH9UDecAVxJv1SVB8PQRAniG8xA==
GET H2	200	vendor.643667877f2eb7a081df.js Show response mpv.tickets.com/js/	716 KB 243 KB	115ms 110ms	Script application/javascript	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/js/vendor.643667877f2eb7a081df.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 1fc986ad66d193bff6ec3aaa488878c8e3a548de0361f837ee8f8e40cc907b3b Security Headers Name Value Content-Security-Policy frame-ancestors https://rewards.nationals.com Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy frame-ancestors https://rewards.nationals.com content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 247714 x-xss-protection 1; mode=block last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:31 GMT x-download-options noopen vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, no-transform, max-age=469 etag W/"b31be-180aa7c8568"
GET H2	200	app.4bd065554acf26a4f162.js Show response mpv.tickets.com/js/	1 MB 404 KB	129ms 124ms	Script application/javascript	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/js/app.4bd065554acf26a4f162.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 74b48995cd07ca17e76c6ba3f2f200dcb770eca28fb1e21cc4ef12f8d41cd4f4 Security Headers Name Value Content-Security-Policy frame-ancestors https://rewards.nationals.com Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy frame-ancestors https://rewards.nationals.com content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 412492 x-xss-protection 1; mode=block last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:31 GMT x-download-options noopen vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, no-transform, max-age=115 etag W/"166b65-180aa7c8568"
GET H2	200	app-templates.d54cf254f1ed259d807e.js Show response mpv.tickets.com/js/	650 KB 104 KB	140ms 135ms	Script application/javascript	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/js/app-templates.d54cf254f1ed259d807e.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash c02c9de3b22d735ad852340aef270d894991dbd74f39f9e180841449486c2cb8 Security Headers Name Value Content-Security-Policy frame-ancestors https://rewards.nationals.com Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy frame-ancestors https://rewards.nationals.com content-encoding gzip x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 106074 x-xss-protection 1; mode=block last-modified Mon, 09 May 2022 20:22:09 GMT server nginx x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:31 GMT x-download-options noopen vary Accept-Encoding strict-transport-security max-age=15552000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, no-transform, max-age=487 etag W/"a27e5-180aa7c8568"
GET H2	200	pTPG0hPiE Show response mpv.tickets.com/v_Al42-Wto69f/KGGnpuFT4Ea/HD4/fOOptNmp9u/U3FqJk0lAg/SF/	84 KB 20 KB	149ms 145ms	Script application/javascript	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/v_Al42-Wto69f/KGGnpuFT4Ea/HD4/fOOptNmp9u/U3FqJk0lAg/SF/pTPG0hPiE Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software / Resource Hash fa43fd4073d3976c0bc94de0d58e6f81290443515528b60e80aa889fa38f80c2 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:31 GMT content-encoding gzip last-modified Mon, 28 Feb 2022 19:29:24 GMT etag "a7a61709860c0c57ec0c92584ae4f1bc214dfc71043ea43843572e55d14841f6" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control max-age=21600 server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 20456
GET H2	200	sec-3-6.css mpv.tickets.com/_sec/cp_challenge/	2 KB 846 B	103ms 98ms	Stylesheet text/css	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/_sec/cp_challenge/sec-3-6.css Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software / Resource Hash 25a7a102a22ad70761585350775304dd658ec1b2d79cfcba77d17ae70010a7c3 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:31 GMT content-encoding gzip last-modified Tue, 13 Jul 2021 22:46:43 GMT etag "95ce7e82b5c33f09c2352f308f4307302e880b8830e01ad5b27a139be7f9b862" vary Accept-Encoding content-type text/css access-control-allow-origin * server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 626
GET H2	200	sec-cpt-3-6.js Show response mpv.tickets.com/_sec/cp_challenge/	10 KB 4 KB	11ms 11ms	Script application/javascript	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/_sec/cp_challenge/sec-cpt-3-6.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software / Resource Hash 05b1cf5bf5ccce6868ffd66fb866bbaa3083ee1960776ed96fc7ad73edc15f83 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:31 GMT content-encoding gzip last-modified Tue, 13 Jul 2021 22:46:44 GMT etag "4724a5413e7eeb6a7ea3e708b5ec5140344e1b2beaefe78ca56625b328570ee0" vary Accept-Encoding content-type application/javascript access-control-allow-origin * server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 3547
GET H2	200	pptm.js Show response www.paypal.com/tagmanager/	12 KB 4 KB	8ms 8ms	Script application/x-javascript	151.101.193.21 FASTLY
General Check archive.org Show headers Download Go to Full URL https://www.paypal.com/tagmanager/pptm.js?id=mpv.tickets.com&source=checkoutjs&t=xo&v=4.0.336 Requested by Host: www.paypalobjects.com URL: https://www.paypalobjects.com/api/checkout.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.21 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655 Security Headers Name Value Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-xns4dvTvjvxwgz1azBAnWekhzSqckv1azkV9CW5eUt+rjX6M' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-xns4dvTvjvxwgz1azBAnWekhzSqckv1azkV9CW5eUt+rjX6M' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com; content-encoding gzip x-content-type-options nosniff age 1799 x-cache HIT paypal-debug-id f50403829b988 server-timing content-encoding;desc="gzip",x-cdn;desc="fastly" dc ccg11-origin-www-1.paypal.com vary Accept-Encoding content-length 4299 x-xss-protection 1; mode=block x-served-by cache-hhn4078-HHN x-timer S1653399512.000548,VS0,VE1 x-frame-options SAMEORIGIN date Tue, 24 May 2022 13:38:32 GMT strict-transport-security max-age=63072000; includeSubDomains; preload content-type application/x-javascript; charset=utf-8 via 1.1 varnish cache-control public, max-age=3600 etag W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4" accept-ranges bytes x-cache-hits 3
GET H2	200	AG3BG-4ENEN-JJ23L-RGZ4A-S8MYN Show response s.go-mpulse.net/boomerang/	205 KB 50 KB	9ms 8ms	Script application/javascript	2a02:26f0:7100:1b8::11a6 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://s.go-mpulse.net/boomerang/AG3BG-4ENEN-JJ23L-RGZ4A-S8MYN Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 2a02:26f0:7100:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:32 GMT content-encoding br last-modified Tue, 18 Jan 2022 00:41:37 GMT x-n S vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control max-age=604800 timing-allow-origin * content-length 50393
GET H3	200	gtm.js Show response www.googletagmanager.com/	129 KB 48 KB	23ms 22ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-NPSNVQH Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 765efd998adca47fd7fe6a467c175b20c55bde1d57013e038b1c2f29b2485190 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:32 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49394 x-xss-protection 0 last-modified Tue, 24 May 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 24 May 2022 13:38:32 GMT
GET H3	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 226 date Tue, 24 May 2022 13:34:46 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 24 May 2022 15:34:46 GMT
GET H3	200	payframe Show response pay.google.com/gp/p/ui/ Frame 7126	18 KB 7 KB	221ms 219ms	Document text/html	2a00:1450:400c:c07::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fmpv.tickets.com&mid= Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/js/pay.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ae2bbd51e0e65bc6468e1bccc23ce730e4a1b1986fbdace6a12c2f9ce14643d3 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-_3T8ZX1sIx9096-1nHZVrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-_3T8ZX1sIx9096-1nHZVrw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://mpv.tickets.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=3600 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-_3T8ZX1sIx9096-1nHZVrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-_3T8ZX1sIx9096-1nHZVrw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport content-type text/html; charset=utf-8 cross-origin-opener-policy same-origin; report-to="InstantbuyFrontendBuyflowPayframeUi" cross-origin-resource-policy same-site date Tue, 24 May 2022 13:38:32 GMT expires Tue, 24 May 2022 13:38:32 GMT permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* report-to {"group":"InstantbuyFrontendBuyflowPayframeUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayframeUi/external"}]} server ESF strict-transport-security max-age=31536000 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-content-type-options nosniff x-ua-compatible IE=edge x-xss-protection 0
GET H2	200	app Show response mpv.tickets.com/lang/	117 KB 118 KB	164ms 164ms	XHR application/json	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/lang/app?agency=TUBM_MYTIXX&ccid=TUBV&configKey=TUBV&locale=en_US&nocache=false&orgid=52990&version=3.1.55 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/js/vendor.643667877f2eb7a081df.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash b58e1624f6dd14edafbb23ceabe3974e94b55885e40fe144753967408d92d8b8 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff server nginx etag W/"1d485-tyZmYS5vSyiVqWFdYL4bdr+b24E" x-download-options noopen x-frame-options SAMEORIGIN content-type application/json; charset=utf-8 access-control-allow-origin * cache-control no-cache date Tue, 24 May 2022 13:38:32 GMT x-cache-status STALE server-timing edge; dur=1, origin; dur=147, cdn-cache; desc=MISS x-dns-prefetch-control off content-length 119941 x-xss-protection 1; mode=block
GET H2	200	proximanova-regular-webfont.woff2 mpv.tickets.com/style/fonts/	21 KB 21 KB	175ms 174ms	Font font/woff2	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/fonts/proximanova-regular-webfont.woff2 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/style/app-font-faces.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 39b137e5fcea119218be1c84065ab0fe6e3a59f115a50c8755ba604b6558ec96 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://mpv.tickets.com/style/app-font-faces.css Origin https://mpv.tickets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=11, origin; dur=148 content-length 21120 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx date Tue, 24 May 2022 13:38:32 GMT x-download-options noopen x-frame-options SAMEORIGIN content-type font/woff2 access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"5280-180aa7c8568" accept-ranges bytes expires Tue, 24 May 2022 13:38:32 GMT
GET H2	200	ts t.paypal.com/	42 B 483 B	166ms 166ms	Image image/gif	192.229.221.25 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=MyProVenue%E2%84%A2&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1653399512089&g=0&completeurl=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990%23%2Fauth%2Flogin%3Ffullret%3D%252Fticketmanagement%252F%253Fagency%253DTUBM_MYTIXX%2526orgid%253D52990&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 192.229.221.25 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8F76) / Resource Hash 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 13:38:32 GMT content-type image/gif server ECAcc (frc/8F76) strict-transport-security max-age=63072000; includeSubDomains; preload p3p policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM" paypal-debug-id fefe161ec625c cache-control max-age=0, no-cache, no-store, must-revalidate server-timing content-encoding;desc="", x-cdn;desc="edgecast",edge;dur=160 timing-allow-origin * content-length 42 expires Tue, 24 May 2022 13:38:32 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	15ms 15ms	XHR text/plain	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2112231377&t=pageview&_s=1&dl=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990&ul=en-us&de=UTF-8&dt=MyProVenue%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=AACAAEABAAAAAC~&jid=&gjid=&cid=1522092842.1653399509&tid=UA-137392018-1&_gid=1035103093.1653399509&_slc=1&z=984976792 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://mpv.tickets.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 24 May 2022 13:38:32 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://mpv.tickets.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activityi;dc_pre=CMKp3pSh-PcCFT4iBgAdZBULSQ;src=6523831;type=counter0;cat=tulsa17;ord=1;num=4609871084962;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DT... Show response 6523831.fls.doubleclick.net/ Frame 6652 Redirect Chain https://6523831.fls.doubleclick.net/activityi;src=6523831;type=counter0;cat=tulsa17;ord=1;num=4609871084962;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3... https://6523831.fls.doubleclick.net/activityi;dc_pre=CMKp3pSh-PcCFT4iBgAdZBULSQ;src=6523831;type=counter0;cat=tulsa17;ord=1;num=4609871084962;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%...	1 KB 750 B	26ms 26ms	Document text/html	142.250.184.230 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://6523831.fls.doubleclick.net/activityi;dc_pre=CMKp3pSh-PcCFT4iBgAdZBULSQ;src=6523831;type=counter0;cat=tulsa17;ord=1;num=4609871084962;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPSNVQH Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.230 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s12-in-f6.1e100.net Software cafe / Resource Hash 9d6fb15f22d0e9dfe52ff9fcde9f1ebceaa2b1d6f21041f48497820851c06fa1 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer about:blank Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=0 content-encoding gzip content-length 727 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 24 May 2022 13:38:32 GMT expires Tue, 24 May 2022 13:38:32 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 24 May 2022 13:38:32 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://6523831.fls.doubleclick.net/activityi;dc_pre=CMKp3pSh-PcCFT4iBgAdZBULSQ;src=6523831;type=counter0;cat=tulsa17;ord=1;num=4609871084962;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 26 KB	7ms 7ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash acbe6770b0fc8b621a9d4f7068b241fb403fe999ea33270931ee59ec4cfdf3f1 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26310 x-xss-protection 0 pragma public x-fb-debug 9MNH1cYmWFyO8Z1rTiDSu0SgyDycTRWg8+lKwIdp1yxO3E6AR8fv224J7SMYcc7gjF97VYWtIcLQkyNGEgdF4w== x-frame-options DENY date Tue, 24 May 2022 13:38:32 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	embedder Show response chat.satis.fi/popup/	163 KB 53 KB	109ms 108ms	Script application/javascript	3.18.40.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://chat.satis.fi/popup/embedder?popupId=7552 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPSNVQH Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.18.40.154 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-18-40-154.us-east-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 6e5e398b506aa52a0ef8d57d4862e5707a196c79701e8980404f28b2c3c06924 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:32 GMT content-encoding gzip server Microsoft-IIS/10.0 x-powered-by ASP.NET etag EE0071338B850E9CAE168F6B3FB367DA vary Accept-Encoding content-type application/javascript content-length 54360
GET H3	200	collect www.google-analytics.com/	35 B 55 B	8ms 7ms	Image image/gif	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2112231377&t=pageview&_s=1&dl=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990&ul=en-us&de=UTF-8&dt=MyProVenue%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAEABAAAAAC~&jid=&gjid=&cid=1522092842.1653399509&tid=UA-137392018-1&_gid=1035103093.1653399509&gtm=2wg5n0NPSNVQH&z=701183267 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Mon, 23 May 2022 22:47:34 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 53458 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ servedby.ipromote.com/ad/ Redirect Chain https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI https://ib.adnxs.com/getuid?https%3A%2F%2Fservedby.ipromote.com%2Fad%2F%3Fsrc%3Dpixel_cid%26cid%3DMSSHVGMN9GI%26anuid%3D$UID https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI&anuid=3431559966908415315	0 459 B	175ms 175ms	Image text/plain	96.16.128.58 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI&anuid=3431559966908415315 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol HTTP/1.1 Server 96.16.128.58 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a96-16-128-58.deploy.static.akamaitechnologies.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 May 2022 13:38:32 GMT Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Length 0 Expires Tue, 24 May 2022 13:38:32 GMT Redirect headers Pragma no-cache Date Tue, 24 May 2022 13:38:32 GMT X-Proxy-Origin 193.27.14.20; 193.27.14.20; 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 4c01c660-93af-4802-81dc-e8b1347db378 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://servedby.ipromote.com/ad/?src=pixel_cid&cid=MSSHVGMN9GI&anuid=3431559966908415315 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	204	8ccbcfcf04bc999e pixel.sitescout.com/iap/	0 191 B	2506ms 76ms	Image text/plain	66.155.71.149 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.sitescout.com/iap/8ccbcfcf04bc999e Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 13:38:33 GMT cache-control max-age=0,no-cache,no-store server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" expires Tue, 11 Oct 1977 12:34:56 GMT
GET H3	200	253050551728055 Show response connect.facebook.net/signals/config/	305 KB 87 KB	7ms 7ms	Script application/x-javascript	2a03:2880:f01c:216:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/253050551728055?v=2.9.60&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 02ef20485680aa2098aab2ea5097d92a25e99d31e58ad969183173bb40a9f5c4 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 88792 x-xss-protection 0 pragma public x-fb-debug 5n4zMXhDPtITvfOqYAcZBHPTEStVAwVghfIcvuL4txEVpJl2tWoTOdpjsZDoZ9fq2qYz/mgjyyjJ5UosEBZbuA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Tue, 24 May 2022 13:38:32 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	7ms 7ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=253050551728055&ev=PageView&dl=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990%23%2Fauth%2Flogin%3Ffullret%3D%252Fticketmanagement%252F%253Fagency%253DTUBM_MYTIXX%2526orgid%253D52990&rl=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990&if=false&ts=1653399512161&sw=1600&sh=1200&v=2.9.60&r=stable&ec=0&o=30&fbp=fb.1.1653399509198.1934855062&it=1653399512137&coo=false&exp=p1&rqm=GET Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:32 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Tue, 24 May 2022 13:38:32 GMT
GET H3	200	dc_pre=CMKp3pSh-PcCFT4iBgAdZBULSQ;src=6523831;type=counter0;cat=tulsa17;ord=1;num=4609871084962;gtm=2wg5n0;auiddc=*;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990 adservice.google.com/ddm/fls/z/ Frame 6652	42 B 63 B	49ms 49ms	Image image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://adservice.google.com/ddm/fls/z/dc_pre=CMKp3pSh-PcCFT4iBgAdZBULSQ;src=6523831;type=counter0;cat=tulsa17;ord=1;num=4609871084962;gtm=2wg5n0;auiddc=*;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990 Requested by Host: 6523831.fls.doubleclick.net URL: https://6523831.fls.doubleclick.net/activityi;dc_pre=CMKp3pSh-PcCFT4iBgAdZBULSQ;src=6523831;type=counter0;cat=tulsa17;ord=1;num=4609871084962;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990? Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://6523831.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 13:38:32 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	aquant.js Show response secure.quantserve.com/ Frame 6652	24 KB 10 KB	9ms 9ms	Script application/javascript	2620:116:800d:21:f916:5049:f87f:108e AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://secure.quantserve.com/aquant.js?a=p-M_-sPw2KcS0AJ Requested by Host: 6523831.fls.doubleclick.net URL: https://6523831.fls.doubleclick.net/activityi;dc_pre=CMKp3pSh-PcCFT4iBgAdZBULSQ;src=6523831;type=counter0;cat=tulsa17;ord=1;num=4609871084962;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468 Request headers accept-language de-DE,de;q=0.9 Referer https://6523831.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:32 GMT content-encoding gzip etag "u2JtyZzqnTXwzBUswy2r+w==" vary Accept-Encoding content-type application/javascript cache-control private, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes expires Tue, 31 May 2022 13:38:32 GMT
GET H2	200	rules-p-M_-sPw2KcS0AJ.js Show response rules.quantcount.com/ Frame 6652	2 KB 1 KB	12ms 11ms	Script application/javascript	2600:9000:2315:f000:6:44e3:f8c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://rules.quantcount.com/rules-p-M_-sPw2KcS0AJ.js Requested by Host: secure.quantserve.com URL: https://secure.quantserve.com/aquant.js?a=p-M_-sPw2KcS0AJ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2315:f000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 84f708daa18956ebd61085541e9c87b5af56213b1c22b6795530c02ff56b6602 Request headers accept-language de-DE,de;q=0.9 Referer https://6523831.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:30 GMT content-encoding gzip age 3 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin access-control-allow-origin * last-modified Mon, 18 Mar 2019 15:03:50 GMT server AmazonS3 etag W/"009ac111e86128944a8cf3c9ff03be1c" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript via 1.1 7ef588f1ad9c3a185cdaf4119943040e.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-cf-pop DUS51-P2 x-amz-cf-id kpA9jPIJbkaNDZF62HirFPGuOYEOLyj08EsXN8Ev7BgfYwDy1Bse4g==
GET H2	200	pixel;r=205801774;labels=_fp.event.Default;rf=0;a=p-M_-sPw2KcS0AJ;url=https%3A%2F%2F6523831.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMKp3pSh-PcCFT4iBgAdZBULSQ%3Bsrc%3D6523831%3Btype%3Dcounter0%3... pixel.quantserve.com/ Frame 6652	35 B 210 B	12ms 12ms	Image image/gif	2620:116:800d:21:ee05:6a01:4b41:8c89 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel;r=205801774;labels=_fp.event.Default;rf=0;a=p-M_-sPw2KcS0AJ;url=https%3A%2F%2F6523831.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCMKp3pSh-PcCFT4iBgAdZBULSQ%3Bsrc%3D6523831%3Btype%3Dcounter0%3Bcat%3Dtulsa17%3Bord%3D1%3Bnum%3D4609871084962%3Bgtm%3D2wg5n0%3Bauiddc%3D1738165070.1653399509%3B~oref%3Dhttps%253A%252F%252Fmpv.tickets.com%252F%253Fagency%253DTUBM_MYTIXX%2526orgid%253D52990%3F;ref=https%3A%2F%2Fmpv.tickets.com%2F;uht=2;fpan=1;fpa=P0-1422173134-1653399512201;pbc=;ns=1;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;d=6523831.fls.doubleclick.net;je=0;sr=1600x1200x24;dst=0;et=1653399512201;tzo=0;ogl= Requested by Host: 6523831.fls.doubleclick.net URL: https://6523831.fls.doubleclick.net/activityi;dc_pre=CMKp3pSh-PcCFT4iBgAdZBULSQ;src=6523831;type=counter0;cat=tulsa17;ord=1;num=4609871084962;gtm=2wg5n0;auiddc=1738165070.1653399509;~oref=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990? Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://6523831.fls.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 13:38:32 GMT cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 strict-transport-security max-age=86400 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 6ms	Image image/gif	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2112231377&t=event&_s=2&dl=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990&dp=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990%23%2Fauth%2Flogin%3Ffullret%3D%252Fticketmanagement%252F%253Fagency%253DTUBM_MYTIXX%2526orgid%253D52990&ul=en-us&de=UTF-8&dt=MyProVenue%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=login&ea=ACTION&el=Tulsa%20Drillers%3Bundefined-undefined&_u=SACAAEABAAAAAC~&jid=&gjid=&cid=1522092842.1653399509&tid=UA-137392018-1&_gid=1035103093.1653399509&z=1269156286 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Mon, 23 May 2022 22:47:34 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 53458 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	404	cspreport pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 7126	2 KB 2 KB	19ms 19ms	Other text/html	2a00:1450:400c:c07::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101 Request headers Referer https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fmpv.tickets.com&mid= accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type application/csp-report Response headers date Tue, 24 May 2022 13:38:32 GMT referrer-policy no-referrer alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1608 content-type text/html; charset=UTF-8
GET H3	200	m=_b,_tp Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AM... Frame 7126	150 KB 53 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Requested by Host: pay.google.com URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fmpv.tickets.com&mid= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3bbc7e57510660bce536e39fa47021444210d23b2c0416c81b883670607c9366 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 23 May 2022 16:16:44 GMT content-encoding gzip x-content-type-options nosniff age 76908 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 53862 x-xss-protection 0 last-modified Sat, 21 May 2022 01:25:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Tue, 23 May 2023 16:16:44 GMT
GET H2	200	GetCSS chat.satis.fi/popup/	52 KB 4 KB	108ms 108ms	Stylesheet text/css	3.18.40.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://chat.satis.fi/popup/GetCSS Requested by Host: chat.satis.fi URL: https://chat.satis.fi/popup/embedder?popupId=7552 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.18.40.154 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-18-40-154.us-east-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash 5d751e5212eeb8836cb94a9feb3b0983981fe1eba8535c65a5e8c1c476179368 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:32 GMT content-encoding gzip server Microsoft-IIS/10.0 x-powered-by ASP.NET etag EE0071338B850E9CAE168F6B3FB367DA vary Accept-Encoding content-type text/css content-length 4370
GET H2	200	GetAWSConfig Show response chat.satis.fi/Default/	187 B 369 B	108ms 107ms	Fetch application/json	3.18.40.154 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://chat.satis.fi/Default/GetAWSConfig Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/_sec/cp_challenge/sec-cpt-3-6.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.18.40.154 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-18-40-154.us-east-2.compute.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash b7901ec5fc66799d855b5478364c5f391b7d6fe3e1d911a282371e4d66128dc3 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers access-control-allow-origin https://mpv.tickets.com date Tue, 24 May 2022 13:38:32 GMT access-control-allow-credentials true server Microsoft-IIS/10.0 x-powered-by ASP.NET content-type application/json; charset=utf-8
GET H3	200	m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.qGP... Frame 7126	77 KB 28 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.qGPIlRz8r4w.L.B1.O/am=DwAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfri47yGawnKFVP6Dpmz5LiVlPFId1A/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ee076fefec9d9cf1e8b0e32afa11ea15131a230ccf8675270aa64469e92ffc1d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 23 May 2022 16:16:44 GMT content-encoding gzip x-content-type-options nosniff age 76908 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28718 x-xss-protection 0 last-modified Fri, 20 May 2022 02:25:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Tue, 23 May 2023 16:16:44 GMT
GET H3	200	analytics.js Show response www.google-analytics.com/ Frame 7126	49 KB 20 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.qGPIlRz8r4w.L.B1.O/am=DwAC/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfri47yGawnKFVP6Dpmz5LiVlPFId1A/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 226 date Tue, 24 May 2022 13:34:46 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 24 May 2022 15:34:46 GMT
GET H3	200	pay Show response pay.google.com/gp/p/ui/ Frame 7126	1 MB 348 KB	89ms 88ms	XHR text/html	2a00:1450:400c:c07::5c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pay.google.com/gp/p/ui/pay Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash ab378449a4dc88e519931af40f50992ce7198b1e16c33174da7a0adc8d5dd1f9 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-5igHKRD9ee6tCcNNy4OExw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-5igHKRD9ee6tCcNNy4OExw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy same-site alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 x-ua-compatible IE=edge server ESF cross-origin-opener-policy unsafe-none; report-to="InstantbuyFrontendBuyflowPayUi" date Tue, 24 May 2022 13:38:32 GMT x-frame-options DENY report-to {"group":"InstantbuyFrontendBuyflowPayUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/InstantbuyFrontendBuyflowPayUi/external"}]} content-type text/html; charset=utf-8 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site cache-control private, max-age=3600 permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=* content-security-policy require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-5igHKRD9ee6tCcNNy4OExw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'nonce-5igHKRD9ee6tCcNNy4OExw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport expires Tue, 24 May 2022 13:38:32 GMT
POST H3	200	log Show response play.google.com/ Frame 7126	131 B 155 B	42ms 41ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 24 May 2022 13:38:32 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Tue, 24 May 2022 13:38:32 GMT
OPTIONS H3	200	log play.google.com/ Frame	0 0	56ms 41ms	Preflight text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 24 May 2022 13:38:32 GMT expires Tue, 24 May 2022 13:38:32 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame 7126	131 B 155 B	43ms 42ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 24 May 2022 13:38:32 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Tue, 24 May 2022 13:38:32 GMT
OPTIONS H3	200	log play.google.com/ Frame	0 0	51ms 40ms	Preflight text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 24 May 2022 13:38:32 GMT expires Tue, 24 May 2022 13:38:32 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
POST H3	200	log Show response play.google.com/ Frame 7126	131 B 155 B	42ms 42ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ X-Goog-AuthUser 0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 24 May 2022 13:38:32 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Tue, 24 May 2022 13:38:32 GMT
OPTIONS H3	200	log play.google.com/ Frame	0 0	45ms 39ms	Preflight text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true&authuser=0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers x-goog-authuser Access-Control-Request-Method POST Origin https://pay.google.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers X-Playlog-Web,authorization,origin,x-goog-authuser access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://pay.google.com access-control-max-age 86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/plain; charset=UTF-8 date Tue, 24 May 2022 13:38:32 GMT expires Tue, 24 May 2022 13:38:32 GMT p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." server Playlog x-frame-options SAMEORIGIN x-xss-protection 0
GET H3	200	m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.qGP... Frame 7126	18 KB 7 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.qGPIlRz8r4w.L.B1.O/am=DwAC/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfri47yGawnKFVP6Dpmz5LiVlPFId1A/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ef90e10981a394222cac522b9b4ff2c016d2a82a3fddab3c243612952d312ce Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 23 May 2022 16:16:44 GMT content-encoding gzip x-content-type-options nosniff age 76908 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7428 x-xss-protection 0 last-modified Fri, 20 May 2022 02:25:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Tue, 23 May 2023 16:16:44 GMT
GET H3	200	m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.qGP... Frame 7126	37 KB 14 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.qGPIlRz8r4w.L.B1.O/am=DwAC/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_tp,payframeview/esmo=1/ed=1/wt=2/rs=AMitfri47yGawnKFVP6Dpmz5LiVlPFId1A/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;iFQyKf:vfuNJf;dIoSBb:SpsfSb;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 92759b2932d017491022b2be1da8b3f95f2621a6ae27987b1fcdce9a8cb6ef72 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pay.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 23 May 2022 16:16:44 GMT content-encoding gzip x-content-type-options nosniff age 76908 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14182 x-xss-protection 0 last-modified Fri, 20 May 2022 02:25:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers" vary Accept-Encoding, Origin report-to {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]} content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 accept-ranges bytes expires Tue, 23 May 2023 16:16:44 GMT
POST H3	200	log Show response play.google.com/ Frame 7126	131 B 155 B	41ms 41ms	XHR text/plain	2a00:1450:4001:829::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://play.google.com/log?format=json&hasfast=true Requested by Host: www.gstatic.com URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.3h_xGHX0kdQ.es5.O/am=DwAC/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/esmo=1/rs=AMitfrhO2buwvRUsgBmQTL7zbvWZRgDeKw/m=_b,_tp Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Playlog / Resource Hash 502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pay.google.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Content-Type application/x-www-form-urlencoded;charset=UTF-8 Response headers date Tue, 24 May 2022 13:38:32 GMT content-encoding gzip server Playlog access-control-allow-headers X-Playlog-Web x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." access-control-allow-origin https://pay.google.com cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin content-type text/plain; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 131 x-xss-protection 0 expires Tue, 24 May 2022 13:38:32 GMT
GET H2	200	PopupConfig-7552.js Show response d2zi7r1qsrih6r.cloudfront.net/ClientAssets/PopupConfigs/	1 KB 2 KB	9ms 9ms	Script application/x-javascript	2600:9000:2156:cc00:2:e9fc:a0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2zi7r1qsrih6r.cloudfront.net/ClientAssets/PopupConfigs/PopupConfig-7552.js?v=525fec27-7585-4939-b2cb-2f6ca2cb32f4 Requested by Host: chat.satis.fi URL: https://chat.satis.fi/popup/embedder?popupId=7552 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:cc00:2:e9fc:a0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c63a37a1d40fd7d4cf29eae6ac0a9b99ff903b233f9d2ed74d2d301a4b31741d Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Tue, 24 May 2022 02:21:23 GMT via 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront) last-modified Fri, 01 Apr 2022 12:28:50 GMT server AmazonS3 age 40630 etag "ff7f45a38973f10a07242d71c58bf39e" x-cache Hit from cloudfront content-type application/x-javascript x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 1290 x-amz-cf-id 5yIwwPrsxVXXJlW2GgsbQlf3p48MisComvMXUVURY4gTKJ9dqhFcQA==
GET H2	200	popuptheme-3574.css Show response d2zi7r1qsrih6r.cloudfront.net/ClientAssets/ThemeFiles/	2 KB 2 KB	11ms 10ms	Fetch text/css	2600:9000:2156:cc00:2:e9fc:a0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2zi7r1qsrih6r.cloudfront.net/ClientAssets/ThemeFiles/popuptheme-3574.css?v=186ec464-375e-46f2-9167-5a922a3fceaf Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/_sec/cp_challenge/sec-cpt-3-6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:cc00:2:e9fc:a0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f4de43bda6bda2389926ef84d20d51becc1ff7b505084aa5bfd0813668dc57a6 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Mon, 23 May 2022 14:22:15 GMT via 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront) vary Origin age 83778 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 1890 last-modified Fri, 01 Apr 2022 12:28:15 GMT server AmazonS3 etag "1b4bcb8f343fcb829b2533bc0e2ddd57" access-control-max-age 1800 access-control-allow-methods GET content-type text/css access-control-allow-origin * x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id IvSKdlzE7mML77YYOjK87S3MfWXr4l2xm_vdHwHV4ixTUW2WwPR2-A==
GET H2	200	Roboto-Regular.ttf d2zi7r1qsrih6r.cloudfront.net/ClientAssets/Fonts/	159 KB 160 KB	10ms 10ms	Font binary/octet-stream	2600:9000:2156:cc00:2:e9fc:a0c0:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2zi7r1qsrih6r.cloudfront.net/ClientAssets/Fonts/Roboto-Regular.ttf Requested by Host: chat.satis.fi URL: https://chat.satis.fi/popup/GetCSS Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2156:cc00:2:e9fc:a0c0:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54 Request headers Referer https://chat.satis.fi/ Origin https://mpv.tickets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 05:14:11 GMT via 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront) age 30262 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 1800 content-length 162876 last-modified Fri, 10 Apr 2020 14:36:49 GMT server AmazonS3 etag "ac3f799d5bbaf5196fab15ab8de8431c" vary Origin access-control-allow-methods GET content-type binary/octet-stream access-control-allow-origin * x-amz-cf-pop FRA50-C1 accept-ranges bytes x-amz-cf-id oC1mQHgx2UJ64B5bqgT-eYkek0OiyqOBVKTKTeKE7WMyDJ8y-5_N2w==
GET H/1.1	200 OK	TUBV_90x90.png akamai-tickets.akamaized.net/images/primarysales/mtm/	11 KB 11 KB	14ms 13ms	Image image/png	23.216.77.210 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://akamai-tickets.akamaized.net/images/primarysales/mtm/TUBV_90x90.png Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/style/client/client.style.css?styleKey=TUBV&version=3.1.55 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 23.216.77.210 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-216-77-210.deploy.static.akamaitechnologies.com Software nginx / Resource Hash c8d0517f61a03d10dd16222d5713e1f5dc1489751ba0be5829519d43442bda26 Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers Date Tue, 24 May 2022 13:38:32 GMT Last-Modified Thu, 06 Jan 2022 18:49:17 GMT Server nginx ETag "61d739ad-2a42" Content-Type image/png Cache-Control public, max-age=1798 Connection keep-alive Accept-Ranges bytes Content-Length 10818
GET H2	200	proximanova-semibold-webfont.woff2 mpv.tickets.com/style/fonts/	20 KB 21 KB	177ms 176ms	Font font/woff2	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/fonts/proximanova-semibold-webfont.woff2 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/style/app-font-faces.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 441827a0b9896099eeb24b3b034abc11d900c30854b5ca35f29c16c20e641070 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://mpv.tickets.com/style/app-font-faces.css Origin https://mpv.tickets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=9, origin; dur=149 content-length 20880 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx date Tue, 24 May 2022 13:38:32 GMT x-download-options noopen x-frame-options SAMEORIGIN content-type font/woff2 access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"5190-180aa7c8568" accept-ranges bytes expires Tue, 24 May 2022 13:38:32 GMT
GET H2	200	glyphicons-halflings-regular.woff2 mpv.tickets.com/style/fonts/	18 KB 18 KB	204ms 203ms	Font font/woff2	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/fonts/glyphicons-halflings-regular.woff2 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/style/app-font-faces.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://mpv.tickets.com/style/app-font-faces.css Origin https://mpv.tickets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=19, origin; dur=152 content-length 18028 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx date Tue, 24 May 2022 13:38:32 GMT x-download-options noopen x-frame-options SAMEORIGIN content-type font/woff2 access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"466c-180aa7c8568" accept-ranges bytes expires Tue, 24 May 2022 13:38:32 GMT
GET H2	200	proximanova-bold-webfont.woff2 mpv.tickets.com/style/fonts/	21 KB 21 KB	202ms 201ms	Font font/woff2	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/fonts/proximanova-bold-webfont.woff2 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/style/app-font-faces.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 6442e8e87ad97fcb32ccef544619230bc187a4426fff7af6659971506e4aa66e Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://mpv.tickets.com/style/app-font-faces.css Origin https://mpv.tickets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=8, origin; dur=147 content-length 21420 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx date Tue, 24 May 2022 13:38:32 GMT x-download-options noopen x-frame-options SAMEORIGIN content-type font/woff2 access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"53ac-180aa7c8568" accept-ranges bytes expires Tue, 24 May 2022 13:38:32 GMT
GET H2	200	icomoon.woff mpv.tickets.com/style/fonts/	12 KB 12 KB	219ms 218ms	Font font/woff	23.213.161.214 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://mpv.tickets.com/style/fonts/icomoon.woff Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/style/app-font-faces.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.213.161.214 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a23-213-161-214.deploy.static.akamaitechnologies.com Software nginx / Resource Hash 2e288aca7478968dd6ece8094bf91c1747fcd89610e22399597f7fd831258b20 Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://mpv.tickets.com/style/app-font-faces.css Origin https://mpv.tickets.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers strict-transport-security max-age=15552000; includeSubDomains x-content-type-options nosniff x-cache-status HIT x-dns-prefetch-control off server-timing cdn-cache; desc=MISS, edge; dur=7, origin; dur=150 content-length 11908 x-xss-protection 1; mode=block pragma no-cache last-modified Mon, 09 May 2022 20:22:09 GMT server nginx date Tue, 24 May 2022 13:38:32 GMT x-download-options noopen x-frame-options SAMEORIGIN content-type font/woff access-control-allow-origin * cache-control max-age=0, no-cache, no-store etag W/"2e84-180aa7c8568" accept-ranges bytes expires Tue, 24 May 2022 13:38:32 GMT
GET H3	200	collect www.google-analytics.com/	35 B 55 B	7ms 7ms	Image image/gif	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=2112231377&t=event&_s=3&dl=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990&dp=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990%23%2Fauth%2Flogin%3Ffullret%3D%252Fticketmanagement%252F%253Fagency%253DTUBM_MYTIXX%2526orgid%253D52990&ul=en-us&de=UTF-8&dt=MyProVenue%E2%84%A2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=route_change&ea=ACTION&el=Tulsa%20Drillers%3Bundefined-undefined&_u=SACAAEABAAAAAC~&jid=&gjid=&cid=1522092842.1653399509&tid=UA-137392018-1&_gid=1035103093.1653399509&z=1512813204 Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers pragma no-cache date Mon, 23 May 2022 22:47:34 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 53458 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	8ms 7ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=253050551728055&ev=Microdata&dl=https%3A%2F%2Fmpv.tickets.com%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990%23%2Fauth%2Flogin%3Ffullret%3D%252Fticketmanagement%252F%253Fagency%253DTUBM_MYTIXX%2526orgid%253D52990&rl=https%3A%2F%2Fmpv.tickets.com%2Fticketmanagement%2F%3Fagency%3DTUBM_MYTIXX%26orgid%3D52990&if=false&ts=1653399513664&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22MyProVenue%E2%84%A2%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.60&r=stable&ec=1&o=30&fbp=fb.1.1653399509198.1934855062&it=1653399512137&coo=false&es=automatic&tm=3&exp=p1&rqm=GET Requested by Host: mpv.tickets.com URL: https://mpv.tickets.com/?agency=TUBM_MYTIXX&orgid=52990 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://mpv.tickets.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36 Response headers date Tue, 24 May 2022 13:38:33 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Tue, 24 May 2022 13:38:33 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pixel.sitescout.com

URL

https://pixel.sitescout.com/iap/8ccbcfcf04bc999e

Domain

chat.satis.fi

URL

https://chat.satis.fi/Default/GetAWSConfig

Domain

www.paypal.com

URL

https://www.paypal.com/xoplatform/logger/api/logger

Domain

akamai-tickets.akamaized.net

URL

https://akamai-tickets.akamaized.net/images/primarysales/mtm/TUBV_90x90.png

Domain

mpv.tickets.com

URL

https://mpv.tickets.com/style/fonts/proximanova-semibold-webfont.woff2

Domain

mpv.tickets.com

URL

https://mpv.tickets.com/style/fonts/glyphicons-halflings-regular.woff2

Domain

mpv.tickets.com

URL

https://mpv.tickets.com/style/fonts/icomoon.woff

Domain

pixel.quantserve.com

URL

https://pixel.quantserve.com/pixel;r=477575182;labels=_fp.event.Default;rf=0;a=p-M_-sPw2KcS0AJ;url=https%3A%2F%2F6523831.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCIGLn5Oh-PcCFUyBUQoddOYEAg%3Bsrc%3D6523831%3Btype%3Dcounter0%3Bcat%3Dtulsa17%3Bord%3D1%3Bnum%3D2735931381308%3Bgtm%3D2wg5n0%3Bauiddc%3D1738165070.1653399509%3B~oref%3Dhttps%253A%252F%252Fmpv.tickets.com%252F%253Fagency%253DTUBM_MYTIXX%2526orgid%253D52990;ref=https%3A%2F%2Fadservice.google.com%2F;uht=2;fpan=1;fpa=P0-1745500074-1653399509809;pbc=;ns=1;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;d=6523831.fls.doubleclick.net;je=0;sr=1600x1200x24;dst=0;et=1653399509809;tzo=0;ogl=

Domain

www.paypal.com

URL

https://www.paypal.com/xoplatform/logger/api/logger

Domain

mpv.tickets.com

URL

https://mpv.tickets.com/style/fonts/proximanova-semibold-webfont.woff

Domain

mpv.tickets.com

URL

https://mpv.tickets.com/style/fonts/glyphicons-halflings-regular.woff

Domain

pixel.sitescout.com

URL

https://pixel.sitescout.com/iap/8ccbcfcf04bc999e

Domain

mpv.tickets.com

URL

https://mpv.tickets.com/style/fonts/icomoon.woff

Domain

mpv.tickets.com

URL

https://mpv.tickets.com/style/fonts/proximanova-semibold-webfont.woff2

Domain

mpv.tickets.com

URL

https://mpv.tickets.com/style/fonts/proximanova-semibold-webfont.woff